CVE-2024-46686

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Sep 13, 2024
Updated: Sep 14, 2024
CWE ID 476

Summary

CVE-2024-46686 is a vulnerability in the Linux kernel in which an SMB2 read request may dereference a NULL pointer when RDMA is in use and the request reaches the rdma_readwrite_threshold. The issue is rated medium severity with an exploitability score of 1.8, indicating that a local attacker could potentially disrupt system availability without requiring user interaction. The attack complexity is low, so prompt mitigation is important. Organizations using affected versions of the Linux kernel should remediate this vulnerability by applying the relevant patches provided in the links associated with the CVE. Left unaddressed, it could lead to significant availability impacts on systems that use the SMB2 protocol in RDMA configurations.
