Mondoo

Vulnerability Management
Technology
Services

Solutions

Financial Services
Manufacturing
Healthcare

Resources

Blog
Vulnerability Database
Documentation
GitHub

Company

About
Careers
Partners
Contact

Legal

Privacy
Terms
Imprint

CVE-2024-42322 | Mondoo Vulnerability Intelligence

Vulnerability IntelligenceCVE-2024-42322

CVE-2024-42322

MEDIUM5.5

ipvs: properly dereference pe in ip_vs_add_service

Published Aug 17, 2024

Modified 5 months ago

Details

In the Linux kernel, the following vulnerability has been resolved:

ipvs: properly dereference pe in ip_vs_add_service

Use pe directly to resolve sparse warning:

net/netfilter/ipvs/ip_vs_ctl.c:1471:27: warning: dereference of noderef expression

References

WEB

https://git.kernel.org/stable/c/211168339657f36f32fb597afd0e3ac82d726119

WEB

https://git.kernel.org/stable/c/36c997f1e03601475ad0fda0e0f59b7a209e756b

WEB

https://git.kernel.org/stable/c/3dd428039e06e1967ce294e2cd6342825aaaad77

WEB

https://git.kernel.org/stable/c/b2c664df3bb46aabac6a5fd78aaa5bd614cfad97

WEB

https://git.kernel.org/stable/c/c420cd5d5bc6797f3a8824e7d74f38f0c286fca5

WEB

https://git.kernel.org/stable/c/cbd070a4ae62f119058973f6d2c984e325bce6e7

WEB

https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

WEB

https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html

ADVISORY

https://www.cve.org/CVERecord?id=CVE-2024-42322

CVSS Analysis

CVSS v3.1

5.5

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

LowAC:L

Privileges Required

LowPR:L

User Interaction

NoneUI:N

Scope

UnchangedS:U

Impact

Confidentiality

NoneC:N

Integrity

NoneI:N

Availability

HighA:H

5.5/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Ecosystems

Timeline

PublishedAug 17, 2024

ModifiedNov 3, 2025