CVE-2024-44986
CVE-2024-44986 affects the Linux kernel IPv6 path. A use-after-free can occur in ip6_finish_output2() if skb_expand_head() returns NULL, potentially freeing skb and its dst/idev; the code must hold rcu_read_lock() to keep dst/idev alive. The provided connected documents confirm a kernel fix in th...