CVE-2024-46865

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-46865
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-46865.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-46865
Downstream
Related
Published
2024-09-27T12:42:53Z
Modified
2025-10-15T00:57:50.969778Z
Summary
fou: fix initialization of grc
Details

In the Linux kernel, the following vulnerability has been resolved:

fou: fix initialization of grc

The grc must be initialize first. There can be a condition where if fou is NULL, goto out will be executed and grc would be used uninitialized.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
231c235d2f7a66f018f172e26ffd47c363f244ef
Fixed
392f6a97fcbecc64f0c00058b2db5bb0e4b8cc3e
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
4494bccb52ffda22ce5a1163a776d970e6229e08
Fixed
16ff0895283058b0f96d4fe277aa25ee096f0ea8
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
d7567f098f54cb53ee3cee1c82e3d0ed9698b6b3
Fixed
5d537b8d900514509622ce92330b70d2e581d409
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
1df42be305fe478ded1ee0c1d775f4ece713483b
Fixed
7ae890ee19479eeeb87724cca8430b5cb3660c74
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
c46cd6aaca81040deaea3500ba75126963294bd9
Fixed
aca06c617c83295f0caa486ad608fbef7bdc11e8
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
7e4196935069947d8b70b09c1660b67b067e75cb
Fixed
4c8002277167125078e6b9b90137bdf443ebaa08

Affected versions

v5.*

v5.10.226
v5.15.167

v6.*

v6.1.110
v6.10.10
v6.11-rc6
v6.6.51

Database specific 

{
    "vanir_signatures": [
        {
            "digest": {
                "line_hashes": [
                    "108183251033906954537650695467840072874",
                    "264933032170649917808059623648346965463",
                    "255812906277384801070747772132863490860",
                    "139562462276980264170703554924293647031",
                    "307698618456194960112608550447118904977",
                    "290819304891057063839171856013593000657"
                ],
                "threshold": 0.9
            },
            "target": {
                "file": "net/ipv4/fou.c"
            },
            "id": "CVE-2024-46865-03c9e9d7",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@392f6a97fcbecc64f0c00058b2db5bb0e4b8cc3e",
            "deprecated": false,
            "signature_type": "Line",
            "signature_version": "v1"
        },
        {
            "digest": {
                "line_hashes": [
                    "108183251033906954537650695467840072874",
                    "264933032170649917808059623648346965463",
                    "255812906277384801070747772132863490860",
                    "139562462276980264170703554924293647031",
                    "307698618456194960112608550447118904977",
                    "200494607864064685256928797776517836056"
                ],
                "threshold": 0.9
            },
            "target": {
                "file": "net/ipv4/fou.c"
            },
            "id": "CVE-2024-46865-3172990b",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5d537b8d900514509622ce92330b70d2e581d409",
            "deprecated": false,
            "signature_type": "Line",
            "signature_version": "v1"
        },
        {
            "digest": {
                "length": 2185.0,
                "function_hash": "338031488971888474050087556938791224785"
            },
            "target": {
                "function": "gue_gro_receive",
                "file": "net/ipv4/fou.c"
            },
            "id": "CVE-2024-46865-3333b8ea",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5d537b8d900514509622ce92330b70d2e581d409",
            "deprecated": false,
            "signature_type": "Function",
            "signature_version": "v1"
        },
        {
            "digest": {
                "line_hashes": [
                    "108183251033906954537650695467840072874",
                    "264933032170649917808059623648346965463",
                    "255812906277384801070747772132863490860",
                    "139562462276980264170703554924293647031",
                    "307698618456194960112608550447118904977",
                    "290819304891057063839171856013593000657"
                ],
                "threshold": 0.9
            },
            "target": {
                "file": "net/ipv4/fou.c"
            },
            "id": "CVE-2024-46865-4445d83f",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@16ff0895283058b0f96d4fe277aa25ee096f0ea8",
            "deprecated": false,
            "signature_type": "Line",
            "signature_version": "v1"
        },
        {
            "digest": {
                "length": 2267.0,
                "function_hash": "158448586401455976296163726341661658153"
            },
            "target": {
                "function": "gue_gro_receive",
                "file": "net/ipv4/fou.c"
            },
            "id": "CVE-2024-46865-593f8a34",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@16ff0895283058b0f96d4fe277aa25ee096f0ea8",
            "deprecated": false,
            "signature_type": "Function",
            "signature_version": "v1"
        },
        {
            "digest": {
                "length": 2185.0,
                "function_hash": "338031488971888474050087556938791224785"
            },
            "target": {
                "function": "gue_gro_receive",
                "file": "net/ipv4/fou_core.c"
            },
            "id": "CVE-2024-46865-6d932e80",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7ae890ee19479eeeb87724cca8430b5cb3660c74",
            "deprecated": false,
            "signature_type": "Function",
            "signature_version": "v1"
        },
        {
            "digest": {
                "length": 2187.0,
                "function_hash": "153221951034877279194745576135253485890"
            },
            "target": {
                "function": "gue_gro_receive",
                "file": "net/ipv4/fou_core.c"
            },
            "id": "CVE-2024-46865-b4e982d3",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4c8002277167125078e6b9b90137bdf443ebaa08",
            "deprecated": false,
            "signature_type": "Function",
            "signature_version": "v1"
        },
        {
            "digest": {
                "length": 2187.0,
                "function_hash": "153221951034877279194745576135253485890"
            },
            "target": {
                "function": "gue_gro_receive",
                "file": "net/ipv4/fou_core.c"
            },
            "id": "CVE-2024-46865-bdbc67e0",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@aca06c617c83295f0caa486ad608fbef7bdc11e8",
            "deprecated": false,
            "signature_type": "Function",
            "signature_version": "v1"
        },
        {
            "digest": {
                "line_hashes": [
                    "108183251033906954537650695467840072874",
                    "264933032170649917808059623648346965463",
                    "255812906277384801070747772132863490860",
                    "139562462276980264170703554924293647031",
                    "307698618456194960112608550447118904977",
                    "200494607864064685256928797776517836056"
                ],
                "threshold": 0.9
            },
            "target": {
                "file": "net/ipv4/fou_core.c"
            },
            "id": "CVE-2024-46865-c21db7ba",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@aca06c617c83295f0caa486ad608fbef7bdc11e8",
            "deprecated": false,
            "signature_type": "Line",
            "signature_version": "v1"
        },
        {
            "digest": {
                "line_hashes": [
                    "108183251033906954537650695467840072874",
                    "264933032170649917808059623648346965463",
                    "255812906277384801070747772132863490860",
                    "139562462276980264170703554924293647031",
                    "307698618456194960112608550447118904977",
                    "200494607864064685256928797776517836056"
                ],
                "threshold": 0.9
            },
            "target": {
                "file": "net/ipv4/fou_core.c"
            },
            "id": "CVE-2024-46865-cd720fd4",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7ae890ee19479eeeb87724cca8430b5cb3660c74",
            "deprecated": false,
            "signature_type": "Line",
            "signature_version": "v1"
        },
        {
            "digest": {
                "line_hashes": [
                    "108183251033906954537650695467840072874",
                    "264933032170649917808059623648346965463",
                    "255812906277384801070747772132863490860",
                    "139562462276980264170703554924293647031",
                    "307698618456194960112608550447118904977",
                    "200494607864064685256928797776517836056"
                ],
                "threshold": 0.9
            },
            "target": {
                "file": "net/ipv4/fou_core.c"
            },
            "id": "CVE-2024-46865-db36f447",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4c8002277167125078e6b9b90137bdf443ebaa08",
            "deprecated": false,
            "signature_type": "Line",
            "signature_version": "v1"
        },
        {
            "digest": {
                "length": 2267.0,
                "function_hash": "158448586401455976296163726341661658153"
            },
            "target": {
                "function": "gue_gro_receive",
                "file": "net/ipv4/fou.c"
            },
            "id": "CVE-2024-46865-f0092c2e",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@392f6a97fcbecc64f0c00058b2db5bb0e4b8cc3e",
            "deprecated": false,
            "signature_type": "Function",
            "signature_version": "v1"
        }
    ]
}

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.10.226
Fixed
5.10.227
Type
ECOSYSTEM
Events
Introduced
5.15.167
Fixed
5.15.168
Type
ECOSYSTEM
Events
Introduced
6.1.110
Fixed
6.1.111
Type
ECOSYSTEM
Events
Introduced
6.6.51
Fixed
6.6.52
Type
ECOSYSTEM
Events
Introduced
6.10.10
Fixed
6.10.11