Severity
Medium
Analysis Summary
CVE-2024-26925 CVSS:5.5
Linux Kernel is vulnerable to a denial of service, caused by an error related to netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-24856 CVSS:5.5
Linux Kernel is vulnerable to a denial of service, caused by a NULL pointer dereference flaw in the ACPI_ALLOCATE_ZEROED memory allocation function. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2024-24862 CVSS:5.5
Linux Kernel is vulnerable to a denial of service, caused by a NULL pointer dereference flaw in the devm_kzalloc function. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2024-24863 CVSS:5.3
Linux Kernel is vulnerable to a denial of service, caused by a NULL pointer dereference flaw in the malidp_mw_connector_reset function. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition.
Impact
- Denial of Service
- Information Disclosure
Indicators of Compromise
CVE
- CVE-2024-26925
- CVE-2024-24856
- CVE-2024-24862
- CVE-2024-24863
Affected Vendors
Affected Products
- Linux Kernel
- Linux Kernel 6.2
- Linux Kernel 6.9-rc2
- Linux Kernel 6.9-rc1
- Linux Kernel 4.19-rc1
Remediation
Refer to Linux Kernel Website for patch, upgrade or suggested workaround information.