VYPR
Critical severity9.8NVD Advisory· Published Jun 19, 2024· Updated May 12, 2026

CVE-2024-38612

CVE-2024-38612

Description

In the Linux kernel, the following vulnerability has been resolved:

ipv6: sr: fix invalid unregister error path

The error path of seg6_init() is wrong in case CONFIG_IPV6_SEG6_LWTUNNEL is not defined. In that case if seg6_hmac_init() fails, the genl_unregister_family() isn't called.

This issue exist since commit 46738b1317e1 ("ipv6: sr: add option to control lwtunnel support"), and commit 5559cea2d5aa ("ipv6: sr: fix possible use-after-free and null-ptr-deref") replaced unregister_pernet_subsys() with genl_unregister_family() in this error path.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • Linux/Kernel3 versions
    cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*range: >=4.10,<4.19.316
    • (no CPE)
    • (no CPE)range: 4.10

Patches

Vulnerability mechanics

References

13

News mentions

0

No linked articles in our index yet.