CVE-2024-36270
Published: Jun 21, 2024
Modified: May 12, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: netfilter: tproxy: bail out if IP has been disabled on the device syzbot reports: general protection fault, probably for non-canonical address 0xdffffc0000000003: 0000 [#1] PREEMPT SMP KASAN PTI KASAN: null-ptr-deref in range [0x0000000000000018-0x000000000000001f] [..] RIP: 0010:nf_tproxy_laddr4+0xb7/0x340 net/ipv4/netfilter/nf_tproxy_ipv4.c:62 Call Trace: nft_tproxy_eval_v4 net/netfilter/nft_tproxy.c:56 [inline] nft_tproxy_eval+0xa9a/0x1a00 net/netfilter/nft_tproxy.c:168 __in_dev_get_rcu() can return NULL, so check for this.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected cc6eb433856983e91071469c4ce57accb6947ccb - < 10f0af5234dafd03d2b75233428ec3f11cf7e43daffected cc6eb433856983e91071469c4ce57accb6947ccb - < 07eeedafc59c45fe5de43958128542be3784764caffected cc6eb433856983e91071469c4ce57accb6947ccb - < 6fe5af4ff06db3d4d80e07a19356640428159f03affected cc6eb433856983e91071469c4ce57accb6947ccb - < caf3a8afb5ea00db6d5398adf148d5534615fd80affected cc6eb433856983e91071469c4ce57accb6947ccb - < 570b4c52096e62fda562448f5760fd0ff06110f0+2 more versions |
Linux | Linux | affected 2.6.37unaffected 0 - < 2.6.37unaffected 5.4.278 - <= 5.4.*unaffected 5.10.219 - <= 5.10.*unaffected 5.15.161 - <= 5.15.*+4 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now