2 matches found
CVE-2024-44999
A use-after-free vulnerability was found in the Linux kernel's GPRS Tunneling Protocol GTP driver, specifically in the gtpdevxmit function. This issue is due to the IPv4 or IPv6 headers not being properly pulled into the skb-head before being accessed. This led to the use of uninitialized values,...
CVE-2024-44999
In the Linux kernel, the following vulnerability has been resolved: gtp: pull network headers in gtpdevxmit syzbot/KMSAN reported use of uninit-value in getdevxmit 1 We must make sure the IPv4 or Ipv6 header is pulled in skb-head before accessing fields in them. Use pskbinetmaypull to fix this...