CVE-2024-40921

Updated:

Description:

In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: pass vlan group directly to br_mst_vlan_set_state Pass the already obtained vlan group pointer to br_mst_vlan_set_state() instead of dereferencing it again. Each caller has already correctly dereferenced it for their context. This change is required for the following suspicious RCU dereference fix. No functional changes intended.

CVSS3: 5.5


Vendor State

OS Vendor version Errata
Debian 12 6.1.99-1 DSA-5731-1
Ubuntu 24.04 6.8.0-44.44 USN-6999-1

KernelCare State

OS Original kernel version State
Debian 12
Planned
Ubuntu 24.04
Planned