{"id":"CVE-2024-38612","summary":"ipv6: sr: fix invalid unregister error path","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: sr: fix invalid unregister error path\n\nThe error path of seg6_init() is wrong in case CONFIG_IPV6_SEG6_LWTUNNEL\nis not defined. In that case if seg6_hmac_init() fails, the\ngenl_unregister_family() isn't called.\n\nThis issue exist since commit 46738b1317e1 (\"ipv6: sr: add option to control\nlwtunnel support\"), and commit 5559cea2d5aa (\"ipv6: sr: fix possible\nuse-after-free and null-ptr-deref\") replaced unregister_pernet_subsys()\nwith genl_unregister_family() in this error path.","modified":"2026-04-16T00:09:35.956717591Z","published":"2024-06-19T13:56:13.415Z","database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/38xxx/CVE-2024-38612.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/00e6335329f23ac6cf3105931691674e28bc598c"},{"type":"WEB","url":"https://git.kernel.org/stable/c/10610575a3ac2a702bf5c57aa931beaf847949c7"},{"type":"WEB","url":"https://git.kernel.org/stable/c/160e9d2752181fcf18c662e74022d77d3164cd45"},{"type":"WEB","url":"https://git.kernel.org/stable/c/1a63730fb315bb1bab97edd69ff58ad45e04bb01"},{"type":"WEB","url":"https://git.kernel.org/stable/c/3398a40dccb88d3a7eef378247a023a78472db66"},{"type":"WEB","url":"https://git.kernel.org/stable/c/646cd236c55e2cb5f146fc41bbe4034c4af5b2a4"},{"type":"WEB","url":"https://git.kernel.org/stable/c/85a70ff1e572160f1eeb096ed48d09a1c9d4d89a"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c04d6a914e890ccea4a9d11233009a2ee7978bf4"},{"type":"WEB","url":"https://git.kernel.org/stable/c/e77a3ec7ada84543e75722a1283785a6544de925"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/38xxx/CVE-2024-38612.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-38612"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"46738b1317e169b281ad74690276916e24d1be6d"},{"fixed":"10610575a3ac2a702bf5c57aa931beaf847949c7"},{"fixed":"646cd236c55e2cb5f146fc41bbe4034c4af5b2a4"},{"fixed":"00e6335329f23ac6cf3105931691674e28bc598c"},{"fixed":"1a63730fb315bb1bab97edd69ff58ad45e04bb01"},{"fixed":"e77a3ec7ada84543e75722a1283785a6544de925"},{"fixed":"3398a40dccb88d3a7eef378247a023a78472db66"},{"fixed":"85a70ff1e572160f1eeb096ed48d09a1c9d4d89a"},{"fixed":"c04d6a914e890ccea4a9d11233009a2ee7978bf4"},{"fixed":"160e9d2752181fcf18c662e74022d77d3164cd45"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-38612.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}