How severe is CVE-2024-50260?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.7 out of 10.

What type of vulnerability is CVE-2024-50260?

This is classified as CWE-476, which is a common weakness in software security.

CVE-2024-50260

MEDIUM Year: 2024

CVSS v3 Score

4.7

Medium

Weakness Type

CWE-476

View all →

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: sock_map: fix a NULL pointer dereference in sock_map_link_update_prog() The following race condition could trigger a NULL pointer dereference: sock_map_link_detach(): sock_map_link_update_prog(): mutex_lock(&sockmap_mutex); ... sockmap_link->map = NULL; mutex_unlock(&sockmap_mutex); mutex_lock(&sockmap_mutex); ... sock_map_prog_link_lookup(sockmap_link->map); mutex_unlock(&sockmap_mutex); <continue> Fix it by adding a NULL pointer check. In this specific case, it makes no sense to update a link which is being released.

CVE-2005-3274

MEDIUM

CVSS:4.7(Medium)

Race condition in ip_vs_conn_flush in Linux 2.6 before 2.6.13 and 2.4 before 2.4.32-pre2, when running on SMP systems, allows local users to cause a denial of service (null dereference) by causing a c...

CWE-4762005

CVE-2017-5969

MEDIUM

CVSS:4.7(Medium)

libxml2 2.9.4, when used in recover mode, allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted XML document. NOTE: The maintainer states "I would disagree of a...

CWE-4762017

CVE-2018-1065

MEDIUM

CVSS:4.7(Medium)

The netfilter subsystem in the Linux kernel through 4.15.7 mishandles the case of a rule blob that contains a jump but lacks a user-defined chain, which allows local users to cause a denial of service...

CWE-4762018

CVE-2018-5729

MEDIUM

CVSS:4.7(Medium)

MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to cause a denial of service (NULL pointer dereference) or bypass a DN container che...

CWE-4762018

CVE-2019-10207

MEDIUM

CVSS:4.7(Medium)

A flaw was found in the Linux kernel's Bluetooth implementation of UART, all versions kernel 3.x.x before 4.18.0 and kernel 5.x.x. An attacker with local access and write permissions to the Bluetooth ...

CWE-4762019

CVE-2019-16230

MEDIUM

CVSS:4.7(Medium)

drivers/gpu/drm/radeon/radeon_display.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. NOTE: A third-party software maintainer state...

CWE-4762019

CVE-2024-50260

Vulnerability Description

Related Vulnerabilities

CVE-2005-3274

CVE-2017-5969

CVE-2018-1065

CVE-2018-5729

CVE-2019-10207

CVE-2019-16230