VDB
DEBIAN-CVE-2024-40921
DEBIAN-CVE-2024-40921
PUBLISHED
CVSS 5.5 MEDIUM
In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: pass vlan group directly to br_mst_vlan_set_state Pass the already obtained vlan group pointer to br_mst_vlan_set_state() instead of dereferencing it again. Each caller has already correctly dereferenced it for their context. This change is required for the following suspicious RCU dereference fix. No functional changes intended.
Risk Scores
CVSS v3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:14 | linux | 0, 0 |
| Debian:11 | linux-6.1 | 6.1.112-1, 6.1.106-3, 6.1.106-3 |
| Debian:13 | linux | 0, 0 |
| Debian:12 | linux | 6.1.76-1~bpo11+1, 6.1.82-1, 6.1.90-1 |
Timeline
- Jul 12, 2024 CVE Published
- Apr 28, 2026 CVE Updated