What is the severity of CVE-2024-46737?

CVE-2024-46737 has been classified as a high-severity vulnerability due to its potential to cause kernel crashes.

How do I fix CVE-2024-46737?

To fix CVE-2024-46737, update your Linux kernel to a version that is higher than the affected versions such as 5.10.226, 6.1.123, or any later stable release.

What versions of the Linux kernel are affected by CVE-2024-46737?

CVE-2024-46737 affects Linux kernel versions between 5.0 and 5.4.284, 5.5 and 5.10.226, 5.11 and 5.15.167, 5.16 and 6.1.110, 6.2 and 6.6.51, as well as 6.7 and 6.10.10.

What is the impact of CVE-2024-46737?

The impact of CVE-2024-46737 is a potential kernel crash resulting from a NULL pointer dereference during command allocation failure.

Is there any known workaround for CVE-2024-46737?

There are currently no specific workarounds documented for CVE-2024-46737, so applying the recommended updates is advisable.

Vulnerability/
CVE-2024-46737

medium

5.5

CWE

476

18/9/2024

19/12/2024

CVE-2024-46737: nvmet-tcp: fix kernel crash if commands allocation fails

First published: Wed Sep 18 2024(Updated: )

In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fix kernel crash if commands allocation fails If the commands allocation fails in nvmet_tcp_alloc_cmds() the kernel crashes in nvmet_tcp_release_queue_work() because of a NULL pointer dereference. nvmet: failed to install queue 0 cntlid 1 ret 6 Unable to handle kernel NULL pointer dereference at virtual address 0000000000000008 Fix the bug by setting queue->nr_cmds to zero in case nvmet_tcp_alloc_cmd() fails.

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected Software	Affected Version	How to fix
Linux Kernel	>=5.0<5.4.284
Linux Kernel	>=5.5<5.10.226
Linux Kernel	>=5.11<5.15.167
Linux Kernel	>=5.16<6.1.110
Linux Kernel	>=6.2<6.6.51
Linux Kernel	>=6.7<6.10.10
Linux Kernel	=6.11-rc1
Linux Kernel	=6.11-rc2
Linux Kernel	=6.11-rc3
Linux Kernel	=6.11-rc4
Linux Kernel	=6.11-rc5
Linux Kernel	=6.11-rc6
debian/linux	<=5.10.223-1	5.10.226-1 6.1.123-1 6.1.119-1 6.12.11-1 6.12.12-1
debian/linux-6.1		6.1.119-1~deb11u1

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-46737?
CVE-2024-46737 has been classified as a high-severity vulnerability due to its potential to cause kernel crashes.
How do I fix CVE-2024-46737?
To fix CVE-2024-46737, update your Linux kernel to a version that is higher than the affected versions such as 5.10.226, 6.1.123, or any later stable release.
What versions of the Linux kernel are affected by CVE-2024-46737?
CVE-2024-46737 affects Linux kernel versions between 5.0 and 5.4.284, 5.5 and 5.10.226, 5.11 and 5.15.167, 5.16 and 6.1.110, 6.2 and 6.6.51, as well as 6.7 and 6.10.10.
What is the impact of CVE-2024-46737?
The impact of CVE-2024-46737 is a potential kernel crash resulting from a NULL pointer dereference during command allocation failure.
Is there any known workaround for CVE-2024-46737?
There are currently no specific workarounds documented for CVE-2024-46737, so applying the recommended updates is advisable.

agent/title
agent/first-publish-date
agent/type
agent/severity
agent/remedy
agent/weakness
agent/references
agent/author
collector/launchpad-cve
source/Launchpad
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/trending
collector/usn-cve
source/Ubuntu
agent/description
agent/event
agent/source
collector/security-tracker-debian
source/Debian
agent/software-canonical-lookup
collector/nvd-cve
source/NVD
agent/software-canonical-lookup-request
collector/nvd-api
agent/softwarecombine
agent/tags
package-manager/debian
vendor/linux
canonical/linux kernel
version/linux kernel/5.0
version/linux kernel/5.5
version/linux kernel/5.11
version/linux kernel/5.16
version/linux kernel/6.2
version/linux kernel/6.7
version/linux kernel/6.11-rc1
version/linux kernel/6.11-rc2
version/linux kernel/6.11-rc3
version/linux kernel/6.11-rc4
version/linux kernel/6.11-rc5
version/linux kernel/6.11-rc6

Frequently Asked Questions

What is the severity of CVE-2024-46737?
CVE-2024-46737 has been classified as a high-severity vulnerability due to its potential to cause kernel crashes.
How do I fix CVE-2024-46737?
To fix CVE-2024-46737, update your Linux kernel to a version that is higher than the affected versions such as 5.10.226, 6.1.123, or any later stable release.
What versions of the Linux kernel are affected by CVE-2024-46737?
CVE-2024-46737 affects Linux kernel versions between 5.0 and 5.4.284, 5.5 and 5.10.226, 5.11 and 5.15.167, 5.16 and 6.1.110, 6.2 and 6.6.51, as well as 6.7 and 6.10.10.
What is the impact of CVE-2024-46737?
The impact of CVE-2024-46737 is a potential kernel crash resulting from a NULL pointer dereference during command allocation failure.
Is there any known workaround for CVE-2024-46737?
There are currently no specific workarounds documented for CVE-2024-46737, so applying the recommended updates is advisable.

CVE-2024-46737: nvmet-tcp: fix kernel crash if commands allocation fails

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-46737?

How do I fix CVE-2024-46737?

What versions of the Linux kernel are affected by CVE-2024-46737?

What is the impact of CVE-2024-46737?

Is there any known workaround for CVE-2024-46737?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2024-46737?

How do I fix CVE-2024-46737?

What versions of the Linux kernel are affected by CVE-2024-46737?

What is the impact of CVE-2024-46737?

Is there any known workaround for CVE-2024-46737?