vulnerability

Debian: CVE-2024-40921: linux, linux-6.1 -- security update

Try Surface Command

Back to search

Severity

CVSS

(AV:L/AC:L/Au:S/C:N/I:N/A:C)

Published

Jul 12, 2024

Added

Jul 18, 2024

Modified

Mar 30, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

net: bridge: mst: pass vlan group directly to br_mst_vlan_set_state

Pass the already obtained vlan group pointer to br_mst_vlan_set_state()
instead of dereferencing it again. Each caller has already correctly
dereferenced it for their context. This change is required for the
following suspicious RCU dereference fix. No functional changes
intended.

Solutions

debian-upgrade-linuxdebian-upgrade-linux-6-1

References

CVE-2024-40921
https://attackerkb.com/topics/CVE-2024-40921
DEBIAN-DSA-5731-1
EUVD-EUVD-2024-38732
https://euvd.enisa.europa.eu/vulnerability/EUVD-2024-38732

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report