5.5
CVE-2024-26677
- EPSS 0.24%
- Veröffentlicht 02.04.2024 07:15:44
- Zuletzt bearbeitet 17.03.2025 15:42:33
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
rxrpc: Fix delayed ACKs to not set the reference serial number
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix delayed ACKs to not set the reference serial number Fix the construction of delayed ACKs to not set the reference serial number as they can't be used as an RTT reference.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 2.6.22 < 6.6.17
Linux ≫ Linux Kernel Version >= 6.7 < 6.7.5
Linux ≫ Linux Kernel Version6.8 Updaterc1
Linux ≫ Linux Kernel Version6.8 Updaterc2
Linux ≫ Linux Kernel Version6.8 Updaterc3
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.24% | 0.15 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-476 NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.
https://git.kernel.org/stable/c/200cb50b9e154434470c8969d32474d38475acc2
https://git.kernel.org/stable/c/63719f490e6a89896e9a463d2b45e8203eab23ae
https://git.kernel.org/stable/c/e7870cf13d20f56bfc19f9c3e89707c69cf104ef