CVE-2024-47707

5.5 MEDIUM

📋 TL;DR

This CVE describes a NULL pointer dereference vulnerability in the Linux kernel's IPv6 routing subsystem. The flaw occurs when the rt6_uncached_list_flush_dev() function attempts to access a NULL rt->rt6i_idev pointer, causing a kernel panic and system crash. This affects all Linux systems with IPv6 enabled.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Kernel versions containing the vulnerable commit up to the fix commit
Operating Systems: All Linux distributions using affected kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Requires IPv6 to be enabled and the vulnerable code path to be triggered through network interface operations like disabling interfaces.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...


⚠️ Risk & Real-World Impact

🔴 Worst Case: Kernel panic leading to complete system crash and denial of service, potentially causing data loss and service disruption.

🟠 Likely Case: System crash when network interfaces are disabled or removed, resulting in temporary denial of service until system reboot.

🟢 If Mitigated: Minimal impact if systems have IPv6 disabled or are not performing network interface operations that trigger the vulnerable code path.

🌐 Internet-Facing: MEDIUM - Exploitation requires triggering specific network interface operations, but could be achieved remotely through network manipulation.
🏢 Internal Only: MEDIUM - Local users or processes could trigger the vulnerability through network interface operations.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires triggering specific network interface operations, which may require local access or ability to manipulate network configuration.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in kernel commit 04ccecfa959d3b9ae7348780d8e379c6486176ac and backported to stable branches

Vendor Advisory: https://git.kernel.org/stable/c/04ccecfa959d3b9ae7348780d8e379c6486176ac

Restart Required: Yes

Instructions:

1. Update Linux kernel to version containing fix commit 04ccecfa959d3b9ae7348780d8e379c6486176ac
2. Reboot system to load new kernel
3. Verify kernel version after reboot

🔧 Temporary Workarounds

Disable IPv6

linux

Disable IPv6 functionality to prevent triggering the vulnerable code path

echo 'net.ipv6.conf.all.disable_ipv6 = 1' >> /etc/sysctl.conf
echo 'net.ipv6.conf.default.disable_ipv6 = 1' >> /etc/sysctl.conf
sysctl -p

🧯 If You Can't Patch

  • Implement strict network interface management policies to prevent unauthorized interface operations
  • Monitor system logs for kernel panic events and implement automated recovery procedures

🔍 How to Verify

Check if Vulnerable:

Check the kernel version and compare it with the affected versions. The system is vulnerable if the running kernel contains the buggy commit but not fix commit 04ccecfa959d3b9ae7348780d8e379c6486176ac.

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes fix commit 04ccecfa959d3b9ae7348780d8e379c6486176ac or later

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages
  • NULL pointer dereference errors in kernel logs
  • System crash/reboot events

Network Indicators:

  • Sudden loss of network connectivity
  • Interface state changes preceding crashes

SIEM Query:

source="kernel" AND ("NULL pointer dereference" OR "general protection fault" OR "rt6_uncached_list_flush_dev")
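
The SIEM query above matches any NULL pointer dereference or general protection fault in the kernel log, not only this bug. The following Python triage is an added example, not part of the original advisory: it groups log lines into oops records and flags only those whose RIP or call-trace lines name rt6_uncached_list_flush_dev. The sample log lines, addresses, offsets and the example_driver_poll symbol are constructed for illustration.

```python
import re

# Oops headers that the page's SIEM query keys on.
OOPS_START = re.compile(r"NULL pointer dereference|general protection fault")
# Marker the kernel prints once the oops report is complete.
OOPS_END = re.compile(r"---\[ end trace")
# Function named in the advisory, matched as a symbol+offset (RIP or call trace).
TARGET = re.compile(r"\brt6_uncached_list_flush_dev\+0x")
# Optional "[  123.456789] " dmesg timestamp prefix.
TS = re.compile(r"^\[\s*(\d+\.\d+)\]\s*")

# Constructed sample input (not captured from a real system).
SAMPLE_LOG = """\
[  101.000001] br0: port 1(veth0) entered disabled state
[  101.204511] BUG: kernel NULL pointer dereference, address: 0000000000000000
[  101.204530] RIP: 0010:rt6_uncached_list_flush_dev+0x1a2/0x3f0
[  101.204555] Call Trace:
[  101.204560]  rt6_disable_ip+0x33/0x7e0
[  101.204570]  addrconf_ifdown+0x15d/0x1bd0
[  101.204590] ---[ end trace 0000000000000000 ]---
[  300.500000] BUG: kernel NULL pointer dereference, address: 0000000000000010
[  300.500020] RIP: 0010:example_driver_poll+0x20/0x90
[  300.500040] ---[ end trace 0000000000000000 ]---
""".splitlines()

def find_oopses(lines, max_span=80):
    """Group kernel log lines into oops records; 'match' is True when the
    record names rt6_uncached_list_flush_dev. Returns a list of dicts."""
    results, current = [], None
    for raw in lines:
        m = TS.match(raw)
        ts = float(m.group(1)) if m else None
        msg = raw[m.end():] if m else raw
        if current is None:
            if OOPS_START.search(msg):
                current = {"ts": ts, "header": msg.strip(), "match": False, "n": 0}
            continue
        current["n"] += 1
        if TARGET.search(msg):
            current["match"] = True
        if OOPS_END.search(msg) or current["n"] >= max_span:
            results.append(current)
            current = None
    if current is not None:  # log cut off by the crash before the end marker
        results.append(current)
    return results
```

Alert only on records where `match` is True; the remaining records are unrelated kernel faults that the broader query would also have returned.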
