CVE-2024-50260

Published: Nov 9, 2024

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: sock_map: fix a NULL pointer dereference in sock_map_link_update_prog() The following race condition could trigger a NULL pointer dereference: sock_map_link_detach(): sock_map_link_update_prog(): mutex_lock(&sockmap_mutex); ... sockmap_link->map = NULL; mutex_unlock(&sockmap_mutex); mutex_lock(&sockmap_mutex); ... sock_map_prog_link_lookup(sockmap_link->map); mutex_unlock(&sockmap_mutex); <continue> Fix it by adding a NULL pointer check. In this specific case, it makes no sense to update a link which is being released.

Vendor	Product	Versions
Linux	Linux	affected `699c23f02c65cbfc3e638f14ce0d70c23a2e1f02 - < 9afe35fdda16e09d5bd3c49a68ba8c680dd678bd` affected `699c23f02c65cbfc3e638f14ce0d70c23a2e1f02 - < 740be3b9a6d73336f8c7d540842d0831dc7a808b`
Linux	Linux	affected `6.10` unaffected `0 - < 6.10` unaffected `6.11.7 - <= 6.11.` unaffected `6.12 - <= `

References

https://git.kernel.org/stable/c/9afe35fdda16e09d5bd3c49a68ba8c680dd678bd

https://git.kernel.org/stable/c/740be3b9a6d73336f8c7d540842d0831dc7a808b

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-50260

Description

Affected Products

References