CVE-2024-26793: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-26793 affects the Linux kernel's GTP (GPRS Tunneling Protocol) module, specifically in the gtp_newlink() function. The vulnerability was discovered and reported in early 2024, affecting Linux kernel versions from 4.7 through 6.8-rc6. The issue involves both a use-after-free condition and a null pointer dereference in the GTP module (NVD).

The vulnerability stems from an incorrect registration order of operations structures in the GTP module. The gtplinkops operations structure was being registered before the gtpnetops pernet operations structure, leading to potential use-after-free and null pointer dereference conditions. The issue manifests as a general protection fault in the gtpgenldump_pdp function. The vulnerability has been assigned a CVSS v3.1 base score of 7.8 (HIGH) with the vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (NVD).

The vulnerability can lead to a denial of service condition through kernel crashes, and potentially allows for arbitrary code execution with elevated privileges. The issue affects systems running the Linux kernel with the GTP module enabled (NVD).

The vulnerability has been fixed by modifying the registration order in the GTP module initialization. The fix ensures that gtpnetops pernet operations structure is registered before the gtplinkops operations structure. The patch has been backported to multiple stable kernel versions (Kernel Patch).