CVE-2024-46742 – A NULL pointer dereference vulnerability exists... (How to Fix)

Q: What is the severity of CVE-2024-46742?

CVE-2024-46742 has a CVSS score of 5.5 (MEDIUM). A NULL pointer dereference vulnerability exists in the Linux kernel's SMB server implementation. When processing SMB2_OPLOCK_LEVEL_LEASE operations, a missing NULL check could cause kernel crashes or denial of service. This affects Linux systems with SMB server functionality enabled.

📋 TL;DR

A NULL pointer dereference vulnerability exists in the Linux kernel's SMB server implementation. When processing SMB2_OPLOCK_LEVEL_LEASE operations, a missing NULL check could cause kernel crashes or denial of service. This affects Linux systems with SMB server functionality enabled.

💻 Affected Systems

Products:

Linux kernel

Versions: Specific affected versions not specified in CVE, but references indicate stable kernel patches

Operating Systems: Linux distributions using vulnerable kernel versions

Default Config Vulnerable: ✅ No

Notes: Only vulnerable if SMB server (smbd) is running and configured to handle SMB2 leases. Many distributions don't enable SMB server by default.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel panic leading to system crash and denial of service, potentially causing data loss or service disruption.

🟠

Likely Case

System crash or kernel panic resulting in denial of service requiring system reboot.

🟢

If Mitigated

No impact if SMB server is disabled or if the vulnerable code path isn't triggered.

🌐 Internet-Facing: MEDIUM - SMB servers exposed to internet could be targeted for DoS attacks, but SMB is typically internal.

🏢 Internal Only: MEDIUM - Internal attackers or malicious clients could crash SMB servers, disrupting file sharing services.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Exploitation requires ability to send SMB2 requests with lease operations. Likely requires authenticated access to SMB share.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions containing commits: 07f384c5be1f, 3b692794b81f, 4e8771a3666c, 878f32878351, ec28c35029b7

Vendor Advisory: https://git.kernel.org/stable/c/07f384c5be1f8633b13f0a22616e227570450bc6

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version. 2. Check distribution security advisories for specific package updates. 3. Reboot system after kernel update.

🔧 Temporary Workarounds

Disable SMB server

linux

Stop and disable SMB server services if not required

systemctl stop smbd
systemctl disable smbd
systemctl stop nmbd
systemctl disable nmbd

Block SMB at firewall

linux

Prevent SMB traffic to vulnerable systems

iptables -A INPUT -p tcp --dport 445 -j DROP
iptables -A INPUT -p udp --dport 445 -j DROP

🧯 If You Can't Patch

Disable SMB2 lease support in SMB server configuration
Implement network segmentation to isolate SMB servers from untrusted networks

🔍 How to Verify

Check if Vulnerable:

Check kernel version and compare with patched versions. Check if smbd is running: systemctl status smbd

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version is updated and contains the fix commits. Test SMB functionality remains operational.

📡 Detection & Monitoring

Log Indicators:

Kernel panic logs
smbd crash logs
System reboots without clear cause

Network Indicators:

SMB2 lease operation requests followed by service disruption

SIEM Query:

source="kernel" AND "panic" OR source="smbd" AND "segmentation fault"

📊 Metadata

CVE ID: CVE-2024-46742

CVSS v3 Score: 5.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-476

Published: September 18, 2024

Last Updated: November 3, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-46742, you might also want to check these: