U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

CVE-2024-26950 Detail

Description

In the Linux kernel, the following vulnerability has been resolved: wireguard: netlink: access device through ctx instead of peer The previous commit fixed a bug that led to a NULL peer->device being dereferenced. It's actually easier and faster performance-wise to instead get the device from ctx->wg. This semantically makes more sense too, since ctx->wg->peer_allowedips.seq is compared with ctx->allowedips_seq, basing them both in ctx. This also acts as a defence in depth provision against freed peers.


Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.
CVSS 4.0 Severity and Vector Strings:

NIST CVSS score
NIST: NVD
N/A
NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

Hyperlink Resource
https://git.kernel.org/stable/c/09c3fa70f65175861ca948cb2f0f791e666c90e5
https://git.kernel.org/stable/c/09c3fa70f65175861ca948cb2f0f791e666c90e5
https://git.kernel.org/stable/c/493aa6bdcffd90a4f82aa614fe4f4db0641b4068
https://git.kernel.org/stable/c/493aa6bdcffd90a4f82aa614fe4f4db0641b4068
https://git.kernel.org/stable/c/4be453271a882c8ebc28df3dbf9e4d95e6ac42f5
https://git.kernel.org/stable/c/4be453271a882c8ebc28df3dbf9e4d95e6ac42f5
https://git.kernel.org/stable/c/71cbd32e3db82ea4a74e3ef9aeeaa6971969c86f
https://git.kernel.org/stable/c/71cbd32e3db82ea4a74e3ef9aeeaa6971969c86f
https://git.kernel.org/stable/c/93bcc1752c69bb309f4d8cfaf960ef1faeb34996
https://git.kernel.org/stable/c/93bcc1752c69bb309f4d8cfaf960ef1faeb34996
https://git.kernel.org/stable/c/c991567e6c638079304cc15dff28748e4a3c4a37
https://git.kernel.org/stable/c/c991567e6c638079304cc15dff28748e4a3c4a37
https://git.kernel.org/stable/c/d44bd323d8bb8031eef4bdc44547925998a11e47
https://git.kernel.org/stable/c/d44bd323d8bb8031eef4bdc44547925998a11e47
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html

Weakness Enumeration

CWE-ID CWE Name Source

Change History

7 change records found show changes

Quick Info

CVE Dictionary Entry:
CVE-2024-26950
NVD Published Date:
05/01/2024
NVD Last Modified:
11/21/2024
Source:
kernel.org