{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2024-46677","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-09-11T15:12:18.247Z","datePublished":"2024-09-13T05:29:12.203Z","dateUpdated":"2025-11-03T22:16:17.032Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-05-04T09:31:41.420Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ngtp: fix a potential NULL pointer dereference\n\nWhen sockfd_lookup() fails, gtp_encap_enable_socket() returns a\nNULL pointer, but its callers only check for error pointers thus miss\nthe NULL pointer case.\n\nFix it by returning an error pointer with the error code carried from\nsockfd_lookup().\n\n(I found this bug during code inspection.)"}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/net/gtp.c"],"versions":[{"version":"1e3a3abd8b28cfda9d0d0167e50e0fe11bc372a9","lessThan":"620fe9809752fae91b4190e897b81ed9976dfb39","status":"affected","versionType":"git"},{"version":"1e3a3abd8b28cfda9d0d0167e50e0fe11bc372a9","lessThan":"bdd99e5f0ad5fa727b16f2101fe880aa2bff2f8e","status":"affected","versionType":"git"},{"version":"1e3a3abd8b28cfda9d0d0167e50e0fe11bc372a9","lessThan":"8bbb9e4e0e66a39282e582d0440724055404b38c","status":"affected","versionType":"git"},{"version":"1e3a3abd8b28cfda9d0d0167e50e0fe11bc372a9","lessThan":"4643b91691e969b1b9ad54bf552d7a990cfa3b87","status":"affected","versionType":"git"},{"version":"1e3a3abd8b28cfda9d0d0167e50e0fe11bc372a9","lessThan":"e8b9930b0eb045d19e883c65ff9676fc89320c70","status":"affected","versionType":"git"},{"version":"1e3a3abd8b28cfda9d0d0167e50e0fe11bc372a9","lessThan":"28c67f0f84f889fe9f4cbda8354132b20dc9212d","status":"affected","versionType":"git"},{"version":"1e3a3abd8b28cfda9d0d0167e50e0fe11bc372a9","lessThan":"612edd35f2a3910ab1f61c1f2338889d4ba99fa2","status":"affected","versionType":"git"},{"version":"1e3a3abd8b28cfda9d0d0167e50e0fe11bc372a9","lessThan":"defd8b3c37b0f9cb3e0f60f47d3d78d459d57fda","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/net/gtp.c"],"versions":[{"version":"4.12","status":"affected"},{"version":"0","lessThan":"4.12","status":"unaffected","versionType":"semver"},{"version":"4.19.321","lessThanOrEqual":"4.19.*","status":"unaffected","versionType":"semver"},{"version":"5.4.283","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.225","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.166","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.108","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.49","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.10.8","lessThanOrEqual":"6.10.*","status":"unaffected","versionType":"semver"},{"version":"6.11","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.12","versionEndExcluding":"4.19.321"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.12","versionEndExcluding":"5.4.283"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.12","versionEndExcluding":"5.10.225"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.12","versionEndExcluding":"5.15.166"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.12","versionEndExcluding":"6.1.108"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.12","versionEndExcluding":"6.6.49"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.12","versionEndExcluding":"6.10.8"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.12","versionEndExcluding":"6.11"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/620fe9809752fae91b4190e897b81ed9976dfb39"},{"url":"https://git.kernel.org/stable/c/bdd99e5f0ad5fa727b16f2101fe880aa2bff2f8e"},{"url":"https://git.kernel.org/stable/c/8bbb9e4e0e66a39282e582d0440724055404b38c"},{"url":"https://git.kernel.org/stable/c/4643b91691e969b1b9ad54bf552d7a990cfa3b87"},{"url":"https://git.kernel.org/stable/c/e8b9930b0eb045d19e883c65ff9676fc89320c70"},{"url":"https://git.kernel.org/stable/c/28c67f0f84f889fe9f4cbda8354132b20dc9212d"},{"url":"https://git.kernel.org/stable/c/612edd35f2a3910ab1f61c1f2338889d4ba99fa2"},{"url":"https://git.kernel.org/stable/c/defd8b3c37b0f9cb3e0f60f47d3d78d459d57fda"}],"title":"gtp: fix a potential NULL pointer dereference","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-09-29T15:12:57.670993Z","id":"CVE-2024-46677","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-09-29T15:13:12.743Z"}},{"title":"CVE Program Container","references":[{"url":"https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"},{"url":"https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-03T22:16:17.032Z"}}]}}