VYPR
High severity7.8NVD Advisory· Published Sep 4, 2024· Updated Apr 9, 2026

CVE-2024-44986

CVE-2024-44986

Description

In the Linux kernel, the following vulnerability has been resolved:

ipv6: fix possible UAF in ip6_finish_output2()

If skb_expand_head() returns NULL, skb has been freed and associated dst/idev could also have been freed.

We need to hold rcu_read_lock() to make sure the dst and associated idev are alive.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

96

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.