High severity7.8NVD Advisory· Published May 14, 2024· Updated May 12, 2026

CVE-2024-27396

Description

In the Linux kernel, the following vulnerability has been resolved:

net: gtp: Fix Use-After-Free in gtp_dellink

Since call_rcu, which is called in the hlist_for_each_entry_rcu traversal of gtp_dellink, is not part of the RCU read critical section, it is possible that the RCU grace period will pass during the traversal and the key will be free.

To prevent this, it should be changed to hlist_for_each_entry_safe.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Use-after-free in Linux kernel GTP driver due to improper RCU traversal in gtp_dellink, allowing local privilege escalation.

Vulnerability

Description

CVE-2024-27396 is a use-after-free vulnerability in the Linux kernel's GTP (GPRS Tunneling Protocol) driver. The bug resides in the gtp_dellink function, which uses hlist_for_each_entry_rcu to traverse a list of keys. During this traversal, call_rcu is invoked, but it is not protected by an RCU read-side critical section. Consequently, the RCU grace period can expire while the traversal is still in progress, leading to the premature freeing of a key and subsequent use-after-free.

Exploitation

Exploitation requires local access to the system and the ability to trigger the gtp_dellink operation, typically by removing a GTP link. No special privileges beyond local user access are necessary to initiate the vulnerable code path. The attacker must be able to create and delete GTP interfaces, which may be restricted in some environments but is generally achievable from user space.

Impact

A successful exploit could allow an attacker to cause a denial of service (system crash) or potentially escalate privileges to gain arbitrary code execution in kernel context. The use-after-free condition can be leveraged to corrupt kernel memory, leading to full system compromise.

Mitigation

The fix was applied in the Linux kernel stable tree by replacing hlist_for_each_entry_rcu with hlist_for_each_entry_safe, ensuring that the traversal is safe against concurrent removal. Users should update to a patched kernel version. Siemens has also acknowledged the vulnerability in their product advisory SSA-265688 [1], listing affected products such as the SIMATIC S7-1500 TM MFP - GNU/Linux subsystem, and recommends applying the provided remediation.

References

SSA-265688

AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

115

osv-coords114 versions
pkg:rpm/opensuse/dtb-aarch64&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/dtb-aarch64&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-64kb&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-64kb&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-azure&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-azure&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-debug&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-debug&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-default-base&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-default-base&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-default&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-default&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-docs&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-docs&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-kvmsmall&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-kvmsmall&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-obs-build&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-obs-build&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-obs-qa&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-obs-qa&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-rt_debug&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-rt_debug&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-rt&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-rt&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-source-azure&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-source-azure&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-source-rt&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-source-rt&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-syms-azure&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-syms-azure&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-syms&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-syms&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-syms-rt&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-syms-rt&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-zfcpdump&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-zfcpdump&distro=openSUSE%20Leap%2015.6 pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5 pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6 pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP5 pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6 pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5 pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5 pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Micro%205.5 pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5 pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6 pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Micro%206.0 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2012%20SP5 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP5 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP6 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Micro%205.5 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP5 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP6 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP5 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP5 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP6 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Micro%206.0 pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP5 pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6 pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5 pkg:rpm/suse/kernel-kvmsmall&distro=SUSE%20Linux%20Micro%206.0 pkg:rpm/suse/kernel-livepatch-SLE15-SP5-RT_Update_16&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5 pkg:rpm/suse/kernel-livepatch-SLE15-SP5_Update_15&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5 pkg:rpm/suse/kernel-livepatch-SLE15-SP6-RT_Update_1&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6 pkg:rpm/suse/kernel-livepatch-SLE15-SP6_Update_1&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6 pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP5 pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6 pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5 pkg:rpm/suse/kernel-rt_debug&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP5 pkg:rpm/suse/kernel-rt_debug&distro=SUSE%20Real%20Time%20Module%2015%20SP5 pkg:rpm/suse/kernel-rt_debug&distro=SUSE%20Real%20Time%20Module%2015%20SP6 pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.5 pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP5 pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Micro%206.0 pkg:rpm/suse/kernel-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP5 pkg:rpm/suse/kernel-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP6 pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP5 pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6 pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5 pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP5 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Micro%206.0 pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.5 pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP5 pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Micro%206.0 pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP5 pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP6 pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP5 pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6 pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5 pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5 pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP5 pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6 pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5 pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5 pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP5 pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP5 pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP6 pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5 pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6 pkg:rpm/suse/kgraft-patch-SLE12-SP5_Update_57&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5
< 5.14.21-150500.55.68.1+ 113 more
- (no CPE)range: < 5.14.21-150500.55.68.1
- (no CPE)range: < 6.4.0-150600.23.7.1
- (no CPE)range: < 5.14.21-150500.55.68.1
- (no CPE)range: < 6.4.0-150600.23.7.3
- (no CPE)range: < 5.14.21-150500.33.57.1
- (no CPE)range: < 6.4.0-150600.8.5.4
- (no CPE)range: < 5.14.21-150500.55.68.1
- (no CPE)range: < 6.4.0-150600.23.7.3
- (no CPE)range: < 5.14.21-150500.55.68.1.150500.6.31.1
- (no CPE)range: < 6.4.0-150600.23.7.3.150600.12.2.7
- (no CPE)range: < 5.14.21-150500.55.68.1
- (no CPE)range: < 6.4.0-150600.23.7.3
- (no CPE)range: < 5.14.21-150500.55.68.1
- (no CPE)range: < 6.4.0-150600.23.7.4
- (no CPE)range: < 5.14.21-150500.55.68.1
- (no CPE)range: < 6.4.0-150600.23.7.3
- (no CPE)range: < 5.14.21-150500.55.68.1
- (no CPE)range: < 6.4.0-150600.23.7.3
- (no CPE)range: < 5.14.21-150500.55.68.1
- (no CPE)range: < 6.4.0-150600.23.7.1
- (no CPE)range: < 5.14.21-150500.13.58.1
- (no CPE)range: < 6.4.0-150600.10.5.1
- (no CPE)range: < 5.14.21-150500.13.58.1
- (no CPE)range: < 6.4.0-150600.10.5.1
- (no CPE)range: < 5.14.21-150500.33.57.1
- (no CPE)range: < 6.4.0-150600.8.5.4
- (no CPE)range: < 5.14.21-150500.55.68.1
- (no CPE)range: < 6.4.0-150600.23.7.2
- (no CPE)range: < 5.14.21-150500.13.58.1
- (no CPE)range: < 6.4.0-150600.10.5.1
- (no CPE)range: < 5.14.21-150500.33.57.1
- (no CPE)range: < 6.4.0-150600.8.5.1
- (no CPE)range: < 5.14.21-150500.55.68.1
- (no CPE)range: < 6.4.0-150600.23.7.1
- (no CPE)range: < 5.14.21-150500.13.58.1
- (no CPE)range: < 6.4.0-150600.10.5.1
- (no CPE)range: < 5.14.21-150500.55.68.1
- (no CPE)range: < 6.4.0-150600.23.7.3
- (no CPE)range: < 5.14.21-150500.55.68.1
- (no CPE)range: < 6.4.0-150600.23.7.3
- (no CPE)range: < 5.14.21-150500.33.57.1
- (no CPE)range: < 6.4.0-150600.8.5.4
- (no CPE)range: < 4.12.14-16.188.1
- (no CPE)range: < 4.12.14-16.188.1
- (no CPE)range: < 5.14.21-150500.55.68.1.150500.6.31.1
- (no CPE)range: < 5.14.21-150500.55.68.1.150500.6.31.1
- (no CPE)range: < 6.4.0-150600.23.7.3.150600.12.2.7
- (no CPE)range: < 6.4.0-17.1.1.51
- (no CPE)range: < 4.12.14-122.219.1
- (no CPE)range: < 5.14.21-150500.55.68.1
- (no CPE)range: < 6.4.0-150600.23.7.3
- (no CPE)range: < 4.12.14-122.219.1
- (no CPE)range: < 5.14.21-150500.55.68.1
- (no CPE)range: < 6.4.0-150600.23.7.3
- (no CPE)range: < 5.14.21-150500.55.68.1
- (no CPE)range: < 5.14.21-150500.55.68.1
- (no CPE)range: < 6.4.0-150600.23.7.3
- (no CPE)range: < 5.14.21-150500.55.68.1
- (no CPE)range: < 6.4.0-150600.23.7.3
- (no CPE)range: < 4.12.14-122.219.1
- (no CPE)range: < 4.12.14-122.219.1
- (no CPE)range: < 4.12.14-122.219.1
- (no CPE)range: < 5.14.21-150500.55.68.1
- (no CPE)range: < 6.4.0-150600.23.7.3
- (no CPE)range: < 6.4.0-18.1
- (no CPE)range: < 5.14.21-150500.55.68.1
- (no CPE)range: < 6.4.0-150600.23.7.4
- (no CPE)range: < 4.12.14-122.219.1
- (no CPE)range: < 6.4.0-18.1
- (no CPE)range: < 1-150500.11.3.1
- (no CPE)range: < 1-150500.11.3.1
- (no CPE)range: < 1-150600.1.5.1
- (no CPE)range: < 1-150600.13.3.7
- (no CPE)range: < 5.14.21-150500.55.68.1
- (no CPE)range: < 6.4.0-150600.23.7.3
- (no CPE)range: < 4.12.14-122.219.1
- (no CPE)range: < 4.12.14-10.188.1
- (no CPE)range: < 5.14.21-150500.13.58.1
- (no CPE)range: < 6.4.0-150600.10.5.1
- (no CPE)range: < 5.14.21-150500.13.58.1
- (no CPE)range: < 4.12.14-10.188.1
- (no CPE)range: < 6.4.0-9.1
- (no CPE)range: < 5.14.21-150500.13.58.1
- (no CPE)range: < 6.4.0-150600.10.5.1
- (no CPE)range: < 5.14.21-150500.33.57.1
- (no CPE)range: < 6.4.0-150600.8.5.4
- (no CPE)range: < 4.12.14-16.188.1
- (no CPE)range: < 4.12.14-16.188.1
- (no CPE)range: < 5.14.21-150500.55.68.1
- (no CPE)range: < 6.4.0-150600.23.7.2
- (no CPE)range: < 5.14.21-150500.55.68.1
- (no CPE)range: < 6.4.0-150600.23.7.2
- (no CPE)range: < 4.12.14-122.219.1
- (no CPE)range: < 4.12.14-122.219.1
- (no CPE)range: < 6.4.0-18.1
- (no CPE)range: < 5.14.21-150500.13.58.1
- (no CPE)range: < 4.12.14-10.188.1
- (no CPE)range: < 6.4.0-9.1
- (no CPE)range: < 5.14.21-150500.13.58.1
- (no CPE)range: < 6.4.0-150600.10.5.1
- (no CPE)range: < 5.14.21-150500.33.57.1
- (no CPE)range: < 6.4.0-150600.8.5.1
- (no CPE)range: < 4.12.14-16.188.1
- (no CPE)range: < 4.12.14-16.188.1
- (no CPE)range: < 5.14.21-150500.55.68.1
- (no CPE)range: < 6.4.0-150600.23.7.1
- (no CPE)range: < 4.12.14-122.219.1
- (no CPE)range: < 4.12.14-122.219.1
- (no CPE)range: < 4.12.14-10.188.1
- (no CPE)range: < 5.14.21-150500.13.58.1
- (no CPE)range: < 6.4.0-150600.10.5.1
- (no CPE)range: < 5.14.21-150500.55.68.1
- (no CPE)range: < 6.4.0-150600.23.7.3
- (no CPE)range: < 1-8.3.1
Linux/Linuxcpe-rescue
Range: 5.5

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.507
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000