Unrated severityNVD Advisory· Published May 30, 2024· Updated Jan 19, 2026

ipv6: Fix potential uninit-value access in __ip6_make_skb()

CVE-2024-36903

Description

In the Linux kernel, the following vulnerability has been resolved:

As it was done in commit fc1092f51567 ("ipv4: Fix uninit-value access in __ip_make_skb()") for IPv4, check FLOWI_FLAG_KNOWN_NH on fl6->flowi6_flags instead of testing HDRINCL on the socket to avoid a race condition which causes uninit-value access.

Affected products

118

osv-coords117 versions
pkg:rpm/almalinux/bpftool pkg:rpm/almalinux/kernel pkg:rpm/almalinux/kernel-64k pkg:rpm/almalinux/kernel-64k-core pkg:rpm/almalinux/kernel-64k-debug pkg:rpm/almalinux/kernel-64k-debug-core pkg:rpm/almalinux/kernel-64k-debug-devel pkg:rpm/almalinux/kernel-64k-debug-devel-matched pkg:rpm/almalinux/kernel-64k-debug-modules pkg:rpm/almalinux/kernel-64k-debug-modules-core pkg:rpm/almalinux/kernel-64k-debug-modules-extra pkg:rpm/almalinux/kernel-64k-devel pkg:rpm/almalinux/kernel-64k-devel-matched pkg:rpm/almalinux/kernel-64k-modules pkg:rpm/almalinux/kernel-64k-modules-core pkg:rpm/almalinux/kernel-64k-modules-extra pkg:rpm/almalinux/kernel-abi-stablelists pkg:rpm/almalinux/kernel-core pkg:rpm/almalinux/kernel-cross-headers pkg:rpm/almalinux/kernel-debug pkg:rpm/almalinux/kernel-debug-core pkg:rpm/almalinux/kernel-debug-devel pkg:rpm/almalinux/kernel-debug-devel-matched pkg:rpm/almalinux/kernel-debug-modules pkg:rpm/almalinux/kernel-debug-modules-core pkg:rpm/almalinux/kernel-debug-modules-extra pkg:rpm/almalinux/kernel-debug-uki-virt pkg:rpm/almalinux/kernel-devel pkg:rpm/almalinux/kernel-devel-matched pkg:rpm/almalinux/kernel-doc pkg:rpm/almalinux/kernel-headers pkg:rpm/almalinux/kernel-modules pkg:rpm/almalinux/kernel-modules-core pkg:rpm/almalinux/kernel-modules-extra pkg:rpm/almalinux/kernel-rt pkg:rpm/almalinux/kernel-rt-core pkg:rpm/almalinux/kernel-rt-debug pkg:rpm/almalinux/kernel-rt-debug-core pkg:rpm/almalinux/kernel-rt-debug-devel pkg:rpm/almalinux/kernel-rt-debug-modules pkg:rpm/almalinux/kernel-rt-debug-modules-core pkg:rpm/almalinux/kernel-rt-debug-modules-extra pkg:rpm/almalinux/kernel-rt-devel pkg:rpm/almalinux/kernel-rt-modules pkg:rpm/almalinux/kernel-rt-modules-core pkg:rpm/almalinux/kernel-rt-modules-extra pkg:rpm/almalinux/kernel-tools pkg:rpm/almalinux/kernel-tools-libs pkg:rpm/almalinux/kernel-tools-libs-devel pkg:rpm/almalinux/kernel-uki-virt pkg:rpm/almalinux/kernel-zfcpdump pkg:rpm/almalinux/kernel-zfcpdump-core pkg:rpm/almalinux/kernel-zfcpdump-devel pkg:rpm/almalinux/kernel-zfcpdump-devel-matched pkg:rpm/almalinux/kernel-zfcpdump-modules pkg:rpm/almalinux/kernel-zfcpdump-modules-core pkg:rpm/almalinux/kernel-zfcpdump-modules-extra pkg:rpm/almalinux/libperf pkg:rpm/almalinux/perf pkg:rpm/almalinux/python3-perf pkg:rpm/almalinux/rtla pkg:rpm/almalinux/rv pkg:rpm/opensuse/dtb-aarch64&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-64kb&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-azure&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-debug&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-default-base&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-default&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-docs&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-kvmsmall&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-obs-build&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-obs-qa&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-rt_debug&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-rt&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-source-azure&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-source-rt&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-syms-azure&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-syms&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-syms-rt&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-zfcpdump&distro=openSUSE%20Leap%2015.6 pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6 pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6 pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6 pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Micro%206.0 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP6 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP6 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSS pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP6 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Micro%206.0 pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6 pkg:rpm/suse/kernel-kvmsmall&distro=SUSE%20Linux%20Micro%206.0 pkg:rpm/suse/kernel-livepatch-SLE15-SP6-RT_Update_1&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6 pkg:rpm/suse/kernel-livepatch-SLE15-SP6_Update_2&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6 pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6 pkg:rpm/suse/kernel-rt_debug&distro=SUSE%20Real%20Time%20Module%2015%20SP6 pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Micro%206.0 pkg:rpm/suse/kernel-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP6 pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSS pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Micro%206.0 pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Micro%206.0 pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP6 pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6 pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6 pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSS pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5 pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP6 pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6 pkg:rpm/suse/kgraft-patch-SLE12-SP5_Update_77&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5
< 7.3.0-427.31.1.el9_4+ 116 more
- (no CPE)range: < 7.3.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 5.14.0-427.31.1.el9_4
- (no CPE)range: < 6.4.0-150600.23.14.1
- (no CPE)range: < 6.4.0-150600.23.14.1
- (no CPE)range: < 6.4.0-150600.8.8.2
- (no CPE)range: < 6.4.0-150600.23.14.2
- (no CPE)range: < 6.4.0-150600.23.14.2.150600.12.4.3
- (no CPE)range: < 6.4.0-150600.23.14.2
- (no CPE)range: < 6.4.0-150600.23.14.2
- (no CPE)range: < 6.4.0-150600.23.14.2
- (no CPE)range: < 6.4.0-150600.23.14.2
- (no CPE)range: < 6.4.0-150600.23.14.2
- (no CPE)range: < 6.4.0-150600.10.5.1
- (no CPE)range: < 6.4.0-150600.10.5.1
- (no CPE)range: < 6.4.0-150600.8.8.2
- (no CPE)range: < 6.4.0-150600.23.14.2
- (no CPE)range: < 6.4.0-150600.10.5.1
- (no CPE)range: < 6.4.0-150600.8.8.1
- (no CPE)range: < 6.4.0-150600.23.14.2
- (no CPE)range: < 6.4.0-150600.10.5.1
- (no CPE)range: < 6.4.0-150600.23.14.2
- (no CPE)range: < 6.4.0-150600.23.14.1
- (no CPE)range: < 6.4.0-150600.8.8.2
- (no CPE)range: < 6.4.0-150600.23.14.2.150600.12.4.3
- (no CPE)range: < 6.4.0-17.1.1.51
- (no CPE)range: < 6.4.0-150600.23.14.2
- (no CPE)range: < 4.12.14-122.293.1
- (no CPE)range: < 6.4.0-150600.23.14.2
- (no CPE)range: < 6.4.0-150600.23.14.2
- (no CPE)range: < 6.4.0-150600.23.14.2
- (no CPE)range: < 4.12.14-122.293.1
- (no CPE)range: < 4.12.14-122.293.1
- (no CPE)range: < 6.4.0-150600.23.14.2
- (no CPE)range: < 6.4.0-18.1
- (no CPE)range: < 6.4.0-150600.23.14.2
- (no CPE)range: < 6.4.0-18.1
- (no CPE)range: < 1-150600.1.5.1
- (no CPE)range: < 1-150600.13.3.2
- (no CPE)range: < 6.4.0-150600.23.14.2
- (no CPE)range: < 6.4.0-150600.10.5.1
- (no CPE)range: < 6.4.0-9.1
- (no CPE)range: < 6.4.0-150600.10.5.1
- (no CPE)range: < 6.4.0-150600.8.8.2
- (no CPE)range: < 6.4.0-150600.23.14.2
- (no CPE)range: < 6.4.0-150600.23.14.2
- (no CPE)range: < 4.12.14-122.293.1
- (no CPE)range: < 4.12.14-122.293.1
- (no CPE)range: < 6.4.0-18.1
- (no CPE)range: < 6.4.0-9.1
- (no CPE)range: < 6.4.0-150600.10.5.1
- (no CPE)range: < 6.4.0-150600.8.8.1
- (no CPE)range: < 6.4.0-150600.23.14.2
- (no CPE)range: < 4.12.14-122.293.1
- (no CPE)range: < 4.12.14-122.293.1
- (no CPE)range: < 6.4.0-150600.10.5.1
- (no CPE)range: < 6.4.0-150600.23.14.2
- (no CPE)range: < 1-8.3.1
Linux/Linuxcpe-rescue
Range: 6.3

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000