Back to search
CVE-2024-27396
Published: May 9, 2024
Modified: May 23, 2026
PUBLISHED
Description
In the Linux kernel, the following vulnerability has been resolved: net: gtp: Fix Use-After-Free in gtp_dellink Since call_rcu, which is called in the hlist_for_each_entry_rcu traversal of gtp_dellink, is not part of the RCU read critical section, it is possible that the RCU grace period will pass during the traversal and the key will be free. To prevent this, it should be changed to hlist_for_each_entry_safe.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 043a283d24f40fea4c8a8d06b0e2694c8e372200 - < 07b20d0a3dc13fb1adff10b60021a4924498da58affected c185e1d6e2752a4b656c3ca878c525fa11f55757 - < 718df1bc226c383dd803397d7f5d95557eb81ac7affected 94dc550a5062030569d4aa76e10e50c8fc001930 - < 0caff3e6390f840666b8dc1ecebf985c2ef3f1ddaffected 94dc550a5062030569d4aa76e10e50c8fc001930 - < 2e74b3fd6bf542349758f283676dff3660327c07affected 94dc550a5062030569d4aa76e10e50c8fc001930 - < 25a1c2d4b1fcf938356a9688a96a6456abd44b29+7 more versions |
Linux | Linux | affected 5.5unaffected 0 - < 5.5unaffected 4.19.313 - <= 4.19.*unaffected 5.4.275 - <= 5.4.*unaffected 5.10.216 - <= 5.10.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now