CVE-2024-46677: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-46677 is a vulnerability in the Linux kernel's GTP (GPRS Tunneling Protocol) implementation, discovered during code inspection and disclosed on September 13, 2024. The vulnerability affects Linux kernel versions from 4.12 up to versions before 4.19.321, 5.4.283, 5.10.225, 5.15.166, and several other version ranges. The issue occurs in the gtpencapenablesocket() function where a NULL pointer dereference is possible when sockfdlookup() fails (NVD).

The vulnerability stems from a NULL pointer handling issue in the Linux kernel's GTP implementation. Specifically, when sockfdlookup() fails, the gtpencapenablesocket() function returns a NULL pointer, but its callers only check for error pointers, missing the NULL pointer case. The vulnerability has been assigned a CVSS v3.1 base score of 5.5 (Medium) with vector AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H, indicating local access required with low attack complexity (NVD).

The vulnerability could lead to a NULL pointer dereference in the Linux kernel's GTP implementation, potentially causing system crashes or denial of service conditions. The CVSS scoring indicates that while there are no direct impacts on confidentiality or integrity, there is a high impact on system availability (NVD).

The vulnerability has been fixed in the Linux kernel through a patch that modifies the gtpencapenablesocket() function to return an error pointer with the error code carried from sockfdlookup() instead of returning NULL. The fix has been backported to multiple kernel versions and is available in the respective security updates (Kernel Patch).