Main Vulnerability Database SB20240531478

SB20240531478 - NULL pointer dereference in Linux kernel intel ice driver

Published: May 31, 2024 Updated: May 14, 2025

Security Bulletin ID SB20240531478

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) NULL pointer dereference (CVE-ID: CVE-2024-26855)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the ice_bridge_setlink() function in drivers/net/ethernet/intel/ice/ice_main.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://git.kernel.org/stable/c/d9fefc51133107e59d192d773be86c1150cfeebb
https://git.kernel.org/stable/c/37fe99016b12d32100ce670216816dba6c48b309
https://git.kernel.org/stable/c/8d95465d9a424200485792858c5b3be54658ce19
https://git.kernel.org/stable/c/afdd29726a6de4ba27cd15590661424c888dc596
https://git.kernel.org/stable/c/1a770927dc1d642b22417c3e668c871689fc58b3
https://git.kernel.org/stable/c/0e296067ae0d74a10b4933601f9aa9f0ec8f157f
https://git.kernel.org/stable/c/06e456a05d669ca30b224b8ed962421770c1496c
https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.213
https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.152
https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.272
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.82
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.22
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.7.10
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.8