Analysis Summary

CVE-2024-26925 CVSS:5.5

Linux Kernel is vulnerable to a denial of service, caused by an error related to netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service.

CVE-2024-24856 CVSS:5.5

Linux Kernel is vulnerable to a denial of service, caused by a NULL pointer dereference flaw in the ACPI_ALLOCATE_ZEROED memory allocation function. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition.

CVE-2024-24862 CVSS:5.5

Linux Kernel is vulnerable to a denial of service, caused by a NULL pointer dereference flaw in the devm_kzalloc function. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition.

CVE-2024-24863 CVSS:5.3

Linux Kernel is vulnerable to a denial of service, caused by a NULL pointer dereference flaw in the malidp_mw_connector_reset function. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition.

Impact

• Denial of Service
• Information Disclosure

Indicators of Compromise

CVE

• CVE-2024-26925
• CVE-2024-24856
• CVE-2024-24862
• CVE-2024-24863

Affected Vendors

Remediation

Refer to Linux Kernel Website for patch, upgrade or suggested workaround information.

CVE-2024-26925

CVE-2024-24856

CVE-2024-24862

CVE-2024-24863