CVE-2024-26735

ipv6: sr: fix possible use-after-free and null-ptr-deref

References

Notes

 carnil> Introduced in 915d7e5e5930 ("ipv6: sr: add code base for control plane support
 carnil> of SR-IPv6"). Vulnerable versions: 4.10-rc1.

Bugs

Status

Branch Status
4.19-buster-security needed
4.19-upstream-stable released (4.19.308) [953f42934533c151f440cd32390044d2396b87aa]
5.10-bullseye-security released (5.10.216-1)
5.10-upstream-stable released (5.10.211) [65c38f23d10ff79feea1e5d50b76dc7af383c1e6]
6.1-bookworm-security released (6.1.82-1)
6.1-upstream-stable released (6.1.80) [8391b9b651cfdf80ab0f1dc4a489f9d67386e197]
6.6-upstream-stable released (6.6.19) [9e02973dbc6a91e40aa4f5d87b8c47446fbfce44]
6.8-upstream-stable N/A "Fixed before branching point"
sid released (6.7.7-1)
upstream released (6.8-rc6) [5559cea2d5aa3018a5f00dd2aca3427ba09b386b]