
Cloud Vulnerability DB
An open project to list all known cloud vulnerabilities and Cloud Service Provider security issues
CVE-2024-36946 is a vulnerability discovered in the Linux kernel's Phonet protocol implementation, specifically in the rtm_phonet_notify() function's socket buffer (skb) allocation. The vulnerability was disclosed on May 30, 2024, affecting various versions of the Linux kernel. The issue involves incorrect memory allocation for network message components (NVD).
The vulnerability stems from an incorrect calculation of buffer size in the rtm_phonet_notify() function. The fill_route() function stores three components in the skb: struct rtmsg, RTA_DST (u8), and RTA_OIF (u32). The fix involves modifying the allocation size to use NLMSG_ALIGN(sizeof(struct rtmsg)) + nla_total_size(1) + nla_total_size(4) instead of the previously incorrect sizeof(struct ifaddrmsg) calculation (Kernel Commit).
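The sizing arithmetic described above, worked through as an added example (not code from the kernel commit or from this page): a userspace C model that compares the two requested payload sizes and checks how many of the three components fit in each. The `_`-suffixed names are local stand-ins for the kernel helpers and headers, and the pre-fix expression (ifaddrmsg header plus one 1-byte attribute) is an assumption based on the description above.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Userspace mirrors of the kernel's netlink sizing helpers (4-byte alignment). */
#define ALIGN4(n)       (((size_t)(n) + 3u) & ~(size_t)3u)
#define NLMSG_ALIGN_(n) ALIGN4(n)
#define NLA_HDRLEN_     ALIGN4(4u)            /* struct nlattr: u16 len + u16 type */

static size_t nla_total_size_(size_t payload) { return ALIGN4(NLA_HDRLEN_ + payload); }

/* Layout copies of the two uapi headers: 12 bytes and 8 bytes. */
struct rtmsg_     { uint8_t family, dst_len, src_len, tos, table, protocol, scope, type;
                    uint32_t flags; };
struct ifaddrmsg_ { uint8_t family, prefixlen, flags, scope; uint32_t index; };

/* Payload requested before the fix (assumed form, see lead-in). */
size_t old_alloc(void)
{
    return NLMSG_ALIGN_(sizeof(struct ifaddrmsg_)) + nla_total_size_(1);
}

/* Payload requested after the fix, as quoted in the text above. */
size_t new_alloc(void)
{
    return NLMSG_ALIGN_(sizeof(struct rtmsg_)) + nla_total_size_(1) + nla_total_size_(4);
}

/* Simplified model of fill_route(): append the three components to a payload
 * of `room` bytes and return how many fit (3 means the message is complete). */
int components_that_fit(size_t room)
{
    const size_t need[3] = {
        NLMSG_ALIGN_(sizeof(struct rtmsg_)),  /* struct rtmsg   */
        nla_total_size_(1),                   /* RTA_DST (u8)   */
        nla_total_size_(4),                   /* RTA_OIF (u32)  */
    };
    size_t used = 0;
    int n = 0;
    while (n < 3 && used + need[n] <= room)
        used += need[n++];
    return n;
}

int main(void)
{
    printf("old: %zu bytes, %d/3 fit\n", old_alloc(), components_that_fit(old_alloc()));
    printf("new: %zu bytes, %d/3 fit\n", new_alloc(), components_that_fit(new_alloc()));
    return 0;
}
```

The model counts only against the requested payload size; any rounding-up done by the kernel's allocator is not simulated.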
According to security assessments, successful exploitation of this vulnerability could lead to addition or modification of data or Denial of Service (DoS). The vulnerability has been assigned a CVSS v3.1 score of 7.1 (HIGH) with the vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H (NetApp Advisory).
The vulnerability has been patched in various Linux kernel versions. Multiple distributions have released updates to address this issue, including Ubuntu, which has fixed it in versions 6.8.0-40.40 for 24.04 LTS, 5.15.0-118.128 for 22.04 LTS, and other supported releases (Ubuntu Security). Users are advised to update their systems to the latest available kernel version that includes the fix.
Source: This report was generated using AI