CVE-2024-26597: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-26597 is a vulnerability discovered in the Linux kernel's Qualcomm RMNET driver. The issue was identified when the variable rmnet_link_ops assigned a larger maxtype value, which led to a global out-of-bounds read vulnerability when parsing netlink attributes. The vulnerability was disclosed in February 2024 and affects Linux kernel versions from 4.17.0 up to versions before 6.7.2 (NVD).

The vulnerability occurs in the rmnet_config.c file where the rmnet_link_ops structure incorrectly uses __IFLA_RMNET_MAX instead of IFLA_RMNET_MAX for its maxtype value. According to the comment in nla_parse_nested_deprecated, the maxtype should be len(destination array) - 1. This incorrect value assignment leads to a global out-of-bounds read when validating netlink attributes. The issue has been assigned a CVSS v3.1 base score of 7.1 (HIGH) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H (NVD).

The vulnerability can lead to a global out-of-bounds read condition, potentially allowing an attacker to access memory outside of intended boundaries. This could result in information disclosure or system crashes, affecting the confidentiality and availability of the system (Kernel Patch).

The vulnerability has been fixed by changing the maxtype value from __IFLA_RMNET_MAX to IFLA_RMNET_MAX in the rmnet_link_ops structure. Users should update their Linux kernel to versions that include the fix. The patch has been backported to multiple stable kernel versions (Kernel Patch).