vulnerability

Red Hat: CVE-2024-27417: kernel: ipv6: fix potential "struct net" leak in inet6_rtm_getaddr() (Multiple Advisories)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:L/AC:L/Au:S/C:N/I:N/A:C)	May 17, 2024	Jul 25, 2024	Mar 27, 2026

Severity

CVSS

(AV:L/AC:L/Au:S/C:N/I:N/A:C)

Published

May 17, 2024

Added

Jul 25, 2024

Modified

Mar 27, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

ipv6: fix potential "struct net" leak in inet6_rtm_getaddr()

It seems that if userspace provides a correct IFA_TARGET_NETNSID value
but no IFA_ADDRESS and IFA_LOCAL attributes, inet6_rtm_getaddr()
returns -EINVAL with an elevated "struct net" refcount.

Solutions

redhat-upgrade-kernelredhat-upgrade-kernel-rt

References

CWE-401
EUVD-EUVD-2024-24621
NVD-CVE-2024-27417
REDHAT-RHSA-2024:4823
REDHAT-RHSA-2024:4831
REDHAT-RHSA-2024:5363
https://euvd.enisa.europa.eu/vulnerability/EUVD-2024-24621

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report

Red Hat: CVE-2024-27417: kernel: ipv6: fix potential &#34;struct net&#34; leak in inet6_rtm_getaddr() (Multiple Advisories)

Description

Solutions

References

2026 Global Threat Landscape Report

Red Hat: CVE-2024-27417: kernel: ipv6: fix potential "struct net" leak in inet6_rtm_getaddr() (Multiple Advisories)