How severe is CVE-2024-35857?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.3 out of 10.

What type of vulnerability is CVE-2024-35857?

This is classified as CWE-476, which is a common weakness in software security.

CVE-2024-35857

MEDIUM Year: 2024

CVSS v3 Score

5.3

Medium

Weakness Type

CWE-476

View all →

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: icmp: prevent possible NULL dereferences from icmp_build_probe() First problem is a double call to __in_dev_get_rcu(), because the second one could return NULL. if (__in_dev_get_rcu(dev) && __in_dev_get_rcu(dev)->ifa_list) Second problem is a read from dev->ip6_ptr with no NULL check: if (!list_empty(&rcu_dereference(dev->ip6_ptr)->addr_list)) Use the correct RCU API to fix these. v2: add missing include <net/addrconf.h>

CVE-2017-1000360

MEDIUM

CVSS:5.3(Medium)

StreamCorruptedException and NullPointerException in OpenDaylight odl-mdsal-xsql. Controller launches exceptions in the console. Component: OpenDaylight odl-mdsal-xsql is vulnerable to this flaw. Vers...

CWE-4762017

CVE-2017-17251

MEDIUM

CVSS:5.3(Medium)

Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, ...

CWE-4762017

CVE-2017-18658

MEDIUM

CVSS:5.3(Medium)

An issue was discovered on Samsung mobile devices with M(6.0) software. The multiwindow_facade API allows attackers to cause a NullPointerException and system halt via an attempted screen touch of a n...

CWE-4762017

CVE-2018-0833

MEDIUM

CVSS:5.3(Medium)

The Microsoft Server Message Block 2.0 and 3.0 (SMBv2/SMBv3) client in Windows 8.1 and RT 8.1 and Windows Server 2012 R2 allows a denial of service vulnerability due to how specially crafted requests ...

CWE-4762018

CVE-2018-3841

MEDIUM

CVSS:5.3(Medium)

A denial-of-service vulnerability exists in the Pixar Renderman IT Display Service 21.6 (0x69). The vulnerability is present in the parsing of a network packet without proper validation of the packet....

CWE-4762018

CVE-2019-13161

MEDIUM

CVSS:5.3(Medium)

An issue was discovered in Asterisk Open Source through 13.27.0, 14.x and 15.x through 15.7.2, and 16.x through 16.4.0, and Certified Asterisk through 13.21-cert3. A pointer dereference in chan_sip wh...

CWE-4762019

CVE-2024-35857

Vulnerability Description

Related Vulnerabilities

CVE-2017-1000360

CVE-2017-17251

CVE-2017-18658

CVE-2018-0833

CVE-2018-3841

CVE-2019-13161