CVE-2024-26950

2024-05-0100:00:00

ubuntu.com

linux kernel

vulnerability

wireguard

netlink

device

bug

performance

defence

unix

AI Score

7.6

Confidence

High

EPSS

Percentile

10.3%

JSON

In the Linux kernel, the following vulnerability has been resolved:
wireguard: netlink: access device through ctx instead of peer The previous
commit fixed a bug that led to a NULL peer->device being dereferenced. It’s
actually easier and faster performance-wise to instead get the device from
ctx->wg. This semantically makes more sense too, since
ctx->wg->peer_allowedips.seq is compared with ctx->allowedips_seq, basing
them both in ctx. This also acts as a defence in depth provision against
freed peers.

OSVersionArchitecturePackageVersionFilename
ubuntu22.04noarchlinux< 5.15.0-116.126UNKNOWN
ubuntu24.04noarchlinux< 6.8.0-35.35UNKNOWN
ubuntu22.04noarchlinux-aws< 5.15.0-1065.71UNKNOWN
ubuntu24.04noarchlinux-aws< 6.8.0-1009.9UNKNOWN
ubuntu20.04noarchlinux-aws-5.15< 5.15.0-1065.71~20.04.1UNKNOWN
ubuntu22.04noarchlinux-aws-6.5< anyUNKNOWN
ubuntu22.04noarchlinux-azure< 5.15.0-1068.77UNKNOWN
ubuntu24.04noarchlinux-azure< 6.8.0-1008.8UNKNOWN
ubuntu20.04noarchlinux-azure-5.15< 5.15.0-1068.77~20.04.1UNKNOWN
ubuntu22.04noarchlinux-azure-6.5< anyUNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	22.04	noarch	linux	< 5.15.0-116.126	UNKNOWN
ubuntu	24.04	noarch	linux	< 6.8.0-35.35	UNKNOWN
ubuntu	22.04	noarch	linux-aws	< 5.15.0-1065.71	UNKNOWN
ubuntu	24.04	noarch	linux-aws	< 6.8.0-1009.9	UNKNOWN
ubuntu	20.04	noarch	linux-aws-5.15	< 5.15.0-1065.71~20.04.1	UNKNOWN
ubuntu	22.04	noarch	linux-aws-6.5	< any	UNKNOWN
ubuntu	22.04	noarch	linux-azure	< 5.15.0-1068.77	UNKNOWN
ubuntu	24.04	noarch	linux-azure	< 6.8.0-1008.8	UNKNOWN
ubuntu	20.04	noarch	linux-azure-5.15	< 5.15.0-1068.77~20.04.1	UNKNOWN
ubuntu	22.04	noarch	linux-azure-6.5	< any	UNKNOWN