SB2024102268 - NULL pointer dereference in Linux kernel l2tp

Description

This security bulletin contains information about 1 security vulnerability.

1) NULL pointer dereference (CVE-ID: CVE-2024-49940)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the pppol2tp_session_setsockopt() function in net/l2tp/l2tp_ppp.c, within the l2tp_nl_cmd_session_modify() function in net/l2tp/l2tp_netlink.c, within the l2tp_v3_session_get(), l2tp_session_register(), l2tp_recv_common(), EXPORT_SYMBOL_GPL(), l2tp_session_set_header_len() and l2tp_session_create() functions in net/l2tp/l2tp_core.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

• https://git.kernel.org/stable/c/f7415e60c25a6108cd7955a20b2e66b6251ffe02
• https://git.kernel.org/stable/c/24256415d18695b46da06c93135f5b51c548b950
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.11.3
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.12