{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-35857", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-05-17T13:50:33.106Z", "datePublished": "2024-05-17T14:47:32.763Z", "dateUpdated": "2025-05-04T09:06:58.879Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T09:06:58.879Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nicmp: prevent possible NULL dereferences from icmp_build_probe()\n\nFirst problem is a double call to __in_dev_get_rcu(), because\nthe second one could return NULL.\n\nif (__in_dev_get_rcu(dev) && __in_dev_get_rcu(dev)->ifa_list)\n\nSecond problem is a read from dev->ip6_ptr with no NULL check:\n\nif (!list_empty(&rcu_dereference(dev->ip6_ptr)->addr_list))\n\nUse the correct RCU API to fix these.\n\nv2: add missing include <net/addrconf.h>"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/ipv4/icmp.c"], "versions": [{"version": "d329ea5bd8845f0b196bf41b18b6173340d6e0e4", "lessThan": "23b7ee4a8d559bf38eac7ce5bb2f6ebf76f9c401", "status": "affected", "versionType": "git"}, {"version": "d329ea5bd8845f0b196bf41b18b6173340d6e0e4", "lessThan": "599c9ad5e1d43f5c12d869f5fd406ba5d8c55270", "status": "affected", "versionType": "git"}, {"version": "d329ea5bd8845f0b196bf41b18b6173340d6e0e4", "lessThan": "d68dc711d84fdcf698e5d45308c3ddeede586350", "status": "affected", "versionType": "git"}, {"version": "d329ea5bd8845f0b196bf41b18b6173340d6e0e4", "lessThan": "3e2979bf080c40da4f7c93aff8575ab8bc62b767", "status": "affected", "versionType": "git"}, {"version": "d329ea5bd8845f0b196bf41b18b6173340d6e0e4", "lessThan": "c58e88d49097bd12dfcfef4f075b43f5d5830941", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/ipv4/icmp.c"], "versions": [{"version": "5.13", "status": "affected"}, {"version": "0", "lessThan": "5.13", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.158", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.90", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.30", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.8.9", "lessThanOrEqual": "6.8.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.9", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.13", "versionEndExcluding": "5.15.158"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.13", "versionEndExcluding": "6.1.90"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.13", "versionEndExcluding": "6.6.30"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.13", "versionEndExcluding": "6.8.9"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.13", "versionEndExcluding": "6.9"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/23b7ee4a8d559bf38eac7ce5bb2f6ebf76f9c401"}, {"url": "https://git.kernel.org/stable/c/599c9ad5e1d43f5c12d869f5fd406ba5d8c55270"}, {"url": "https://git.kernel.org/stable/c/d68dc711d84fdcf698e5d45308c3ddeede586350"}, {"url": "https://git.kernel.org/stable/c/3e2979bf080c40da4f7c93aff8575ab8bc62b767"}, {"url": "https://git.kernel.org/stable/c/c58e88d49097bd12dfcfef4f075b43f5d5830941"}], "title": "icmp: prevent possible NULL dereferences from icmp_build_probe()", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-476", "lang": "en", "description": "CWE-476 NULL Pointer Dereference"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-05-17T16:57:35.906301Z", "id": "CVE-2024-35857", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-07T21:12:11.212Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:21:47.567Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/23b7ee4a8d559bf38eac7ce5bb2f6ebf76f9c401", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/599c9ad5e1d43f5c12d869f5fd406ba5d8c55270", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/d68dc711d84fdcf698e5d45308c3ddeede586350", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/3e2979bf080c40da4f7c93aff8575ab8bc62b767", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c58e88d49097bd12dfcfef4f075b43f5d5830941", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/23b7ee4a8d559bf38eac7ce5bb2f6ebf76f9c401", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/599c9ad5e1d43f5c12d869f5fd406ba5d8c55270", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/d68dc711d84fdcf698e5d45308c3ddeede586350", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/3e2979bf080c40da4f7c93aff8575ab8bc62b767", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c58e88d49097bd12dfcfef4f075b43f5d5830941", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:21:47.567Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-35857", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-17T16:57:35.906301Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-23T19:01:24.563Z"}}], "cna": {"title": "icmp: prevent possible NULL dereferences from icmp_build_probe()", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "d329ea5bd8845f0b196bf41b18b6173340d6e0e4", "lessThan": "23b7ee4a8d559bf38eac7ce5bb2f6ebf76f9c401", "versionType": "git"}, {"status": "affected", "version": "d329ea5bd8845f0b196bf41b18b6173340d6e0e4", "lessThan": "599c9ad5e1d43f5c12d869f5fd406ba5d8c55270", "versionType": "git"}, {"status": "affected", "version": "d329ea5bd8845f0b196bf41b18b6173340d6e0e4", "lessThan": "d68dc711d84fdcf698e5d45308c3ddeede586350", "versionType": "git"}, {"status": "affected", "version": "d329ea5bd8845f0b196bf41b18b6173340d6e0e4", "lessThan": "3e2979bf080c40da4f7c93aff8575ab8bc62b767", "versionType": "git"}, {"status": "affected", "version": "d329ea5bd8845f0b196bf41b18b6173340d6e0e4", "lessThan": "c58e88d49097bd12dfcfef4f075b43f5d5830941", "versionType": "git"}], "programFiles": ["net/ipv4/icmp.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "5.13"}, {"status": "unaffected", "version": "0", "lessThan": "5.13", "versionType": "semver"}, {"status": "unaffected", "version": "5.15.158", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.90", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.30", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.8.9", "versionType": "semver", "lessThanOrEqual": "6.8.*"}, {"status": "unaffected", "version": "6.9", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["net/ipv4/icmp.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/23b7ee4a8d559bf38eac7ce5bb2f6ebf76f9c401"}, {"url": "https://git.kernel.org/stable/c/599c9ad5e1d43f5c12d869f5fd406ba5d8c55270"}, {"url": "https://git.kernel.org/stable/c/d68dc711d84fdcf698e5d45308c3ddeede586350"}, {"url": "https://git.kernel.org/stable/c/3e2979bf080c40da4f7c93aff8575ab8bc62b767"}, {"url": "https://git.kernel.org/stable/c/c58e88d49097bd12dfcfef4f075b43f5d5830941"}], "x_generator": {"engine": "bippy-5f407fcff5a0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nicmp: prevent possible NULL dereferences from icmp_build_probe()\n\nFirst problem is a double call to __in_dev_get_rcu(), because\nthe second one could return NULL.\n\nif (__in_dev_get_rcu(dev) && __in_dev_get_rcu(dev)->ifa_list)\n\nSecond problem is a read from dev->ip6_ptr with no NULL check:\n\nif (!list_empty(&rcu_dereference(dev->ip6_ptr)->addr_list))\n\nUse the correct RCU API to fix these.\n\nv2: add missing include <net/addrconf.h>"}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-12-19T08:56:42.662Z"}}}, "cveMetadata": {"cveId": "CVE-2024-35857", "state": "PUBLISHED", "dateUpdated": "2024-12-19T08:56:42.662Z", "dateReserved": "2024-05-17T13:50:33.106Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-05-17T14:47:32.763Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "455B5CF7-CA2E-4D45-87B0-103A28996A45", "versionEndExcluding": "5.15.158", "versionStartIncluding": "5.13", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "59CEDDCF-5C0D-4939-9CFE-2F4524892DD3", "versionEndExcluding": "6.1.90", "versionStartIncluding": "5.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "84046DAF-73CF-429D-9BA4-05B658B377B5", "versionEndExcluding": "6.6.30", "versionStartIncluding": "6.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "5F9041E5-8358-4EF7-8F98-B812EDE49612", "versionEndExcluding": "6.8.9", "versionStartIncluding": "6.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*", "matchCriteriaId": "22BEDD49-2C6D-402D-9DBF-6646F6ECD10B", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*", "matchCriteriaId": "DF73CB2A-DFFD-46FB-9BFE-AA394F27EA37", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc3:*:*:*:*:*:*", "matchCriteriaId": "52048DDA-FC5A-4363-95A0-A6357B4D7F8C", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc4:*:*:*:*:*:*", "matchCriteriaId": "A06B2CCF-3F43-4FA9-8773-C83C3F5764B2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc5:*:*:*:*:*:*", "matchCriteriaId": "F850DCEC-E08B-4317-A33B-D2DCF39F601B", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nicmp: prevent possible NULL dereferences from icmp_build_probe()\n\nFirst problem is a double call to __in_dev_get_rcu(), because\nthe second one could return NULL.\n\nif (__in_dev_get_rcu(dev) && __in_dev_get_rcu(dev)->ifa_list)\n\nSecond problem is a read from dev->ip6_ptr with no NULL check:\n\nif (!list_empty(&rcu_dereference(dev->ip6_ptr)->addr_list))\n\nUse the correct RCU API to fix these.\n\nv2: add missing include <net/addrconf.h>"}, {"lang": "es", "value": " En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: icmp: evita posibles desreferencias a NULL por parte de icmp_build_probe(). El primer problema es una doble llamada a __in_dev_get_rcu(), porque la segunda podr\u00eda devolver NULL. if (__in_dev_get_rcu(dev) &amp;&amp; __in_dev_get_rcu(dev)-&gt;ifa_list) El segundo problema es una lectura de dev-&gt;ip6_ptr sin verificaci\u00f3n NULL: if (!list_empty(&amp;rcu_dereference(dev-&gt;ip6_ptr)-&gt;addr_list)) Use el correcto API de RCU para solucionarlos. v2: agregar falta incluir "}], "id": "CVE-2024-35857", "lastModified": "2025-04-07T18:58:12.943", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-05-17T15:15:23.090", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/23b7ee4a8d559bf38eac7ce5bb2f6ebf76f9c401"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/3e2979bf080c40da4f7c93aff8575ab8bc62b767"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/599c9ad5e1d43f5c12d869f5fd406ba5d8c55270"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/c58e88d49097bd12dfcfef4f075b43f5d5830941"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/d68dc711d84fdcf698e5d45308c3ddeede586350"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/23b7ee4a8d559bf38eac7ce5bb2f6ebf76f9c401"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/3e2979bf080c40da4f7c93aff8575ab8bc62b767"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/599c9ad5e1d43f5c12d869f5fd406ba5d8c55270"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/c58e88d49097bd12dfcfef4f075b43f5d5830941"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/d68dc711d84fdcf698e5d45308c3ddeede586350"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2024:4928", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-427.28.1.el9_4", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-07-31T00:00:00Z"}, {"advisory": "RHSA-2024:4928", "cpe": "cpe:/o:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-427.28.1.el9_4", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-07-31T00:00:00Z"}, {"advisory": "RHSA-2024:4533", "cpe": "cpe:/a:redhat:rhel_eus:9.2", "package": "kernel-0:5.14.0-284.73.1.el9_2", "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date": "2024-07-15T00:00:00Z"}, {"advisory": "RHSA-2024:4554", "cpe": "cpe:/a:redhat:rhel_eus:9.2::nfv", "package": "kernel-rt-0:5.14.0-284.73.1.rt14.358.el9_2", "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date": "2024-07-15T00:00:00Z"}], "bugzilla": {"description": "kernel: icmp: prevent possible NULL dereferences from icmp_build_probe()", "id": "2281247", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281247"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.3", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "status": "verified"}, "cwe": "CWE-476", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nicmp: prevent possible NULL dereferences from icmp_build_probe()\nFirst problem is a double call to __in_dev_get_rcu(), because\nthe second one could return NULL.\nif (__in_dev_get_rcu(dev) && __in_dev_get_rcu(dev)->ifa_list)\nSecond problem is a read from dev->ip6_ptr with no NULL check:\nif (!list_empty(&rcu_dereference(dev->ip6_ptr)->addr_list))\nUse the correct RCU API to fix these.\nv2: add missing include <net/addrconf.h>", "A flaw was found in the Linux kernel's ICMP protocol. Under some conditions, a NULL pointer dereference can be triggered due to a missing check, causing a system crash and resulting in a denial of service."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-35857", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-17T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-35857\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-35857\nhttps://lore.kernel.org/linux-cve-announce/2024051741-CVE-2024-35857-837c@gregkh/T"], "statement": "The Linux kernel as shipped in Red Hat Enterprise Linux 8 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of the Linux kernel.", "threat_severity": "Moderate"}