CVE-2024-26595: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-26595 is a vulnerability in the Linux kernel affecting the mlxsw (Mellanox switch) driver component. The issue was discovered and disclosed in February 2024, specifically affecting Linux kernel versions from 4.11.0 up to (excluding) 6.6.14 and from 6.7.0 up to (excluding) 6.7.2. The vulnerability involves a NULL pointer dereference in the spectrum_acl_tcam error path when calling mlxsw_sp_acl_tcam_region_destroy() after failing to attach the region to an ACL group (NVD).

The vulnerability occurs in the mlxsw driver's spectrum_acl_tcam component when attempting to destroy a TCAM region after a failed ACL group attachment. Specifically, the issue manifests as a NULL pointer dereference upon accessing 'region->group->tcam'. The CVSS v3.1 base score is 5.5 (MEDIUM) with a vector of CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H. The vulnerability is classified as CWE-476 (NULL Pointer Dereference) (NVD).

The vulnerability can lead to a system crash due to NULL pointer dereference, potentially causing a denial of service condition. The impact is limited to availability with no direct effects on confidentiality or integrity of the system (NVD).

The vulnerability has been fixed by retrieving the 'tcam' pointer using mlxsw_sp_acl_to_tcam() instead of accessing it through region->group->tcam. The fix has been implemented in the Linux kernel, and users should update to kernel versions 6.6.14, 6.7.2, or later to address this issue (Kernel Patch).