CVE-2024-36971: Android Kernel Remote Code Execution Vulnerability

Published Jun 10, 2024
·
Updated

Android contains an unspecified vulnerability in the kernel that allows for remote code execution. This vulnerability resides in Linux Kernel and could impact other products, including but not limited to Android OS.

Other sources

In the Linux kernel, the following vulnerability has been resolved:

net: fix dstnegativeadvice() race

dstnegativeadvice() does not enforce proper RCU rules when sk->dstcache must be cleared, leading to possible UAF.

RCU rules are that we must first clear sk->skdstcache, then call dstrelease(olddst).

Note that skdstreset(sk) is implementing this protocol correctly, while dstnegativeadvice() uses the wrong order.

Given that ip6negativeadvice() has special logic against RTFCACHE, this means each of the three ->negativeadvice() existing methods must perform the skdstreset() themselves.

Note the check against NULL dst is centralized in dstnegativeadvice(), there is no need to duplicate it in various callbacks.

Many thanks to Clement Lecigne for tracking this issue.

This old bug became visible after the blamed commit, using UDP sockets.

IBM

In the Linux kernel, the following vulnerability has been resolved:

net: fix dstnegativeadvice() race

The Linux kernel CVE team has assigned CVE-2024-36971 to this issue.

Upstream advisory: https://lore.kernel.org/linux-cve-announce/20240610090330.1347021-2-lee@kernel.org/T

Red Hat

Affected Software

22 affected componentsFixes available
Android Kernel
Google Android
IBM Security Verify Governance<=ISVG 10.0.2
IBM Security Verify Governance, Identity Manager Software Stack<=ISVG 10.0.2
IBM Security Verify Governance, Identity Manager Virtual Appliance<=ISVG 10.0.2
IBM Security Verify Governance Identity Manager Container<=ISVG 10.0.2
F5 Traffix SDC=5.2.0
debian/linux
5.10.223-15.10.234-16.1.129-16.1.135-16.12.25-16.12.27-1
Debian Debian Linux=10.0
Linux Linux kernel>=4.6<4.19.316
Linux Linux kernel>=4.20<5.4.278
Linux Linux kernel>=5.5<5.10.219
Linux Linux kernel>=5.11<5.15.161
Linux Linux kernel>=5.16<6.1.94
Linux Linux kernel>=6.2<6.6.34
Linux Linux kernel>=6.7<6.9.4
redhat/kernel<6.10
6.10
Microsoft cbl2 kernel 5.15.162.2-1
Patch available
Microsoft azl3 kernel 6.6.35.1-5
Patch available
Microsoft azl3 kernel 6.6.35.1-4
Patch available
Microsoft cbl2 kernel 5.15.158.2-1
Patch available
Microsoft cbl2 kernel 5.15.162.2-1
Patch available

Remediation

Information

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Patch Available

https://git.kernel.org/stable/c/051c0bde9f0450a2ec3d62a86d2a0d2fad117f13

Patch Available

https://git.kernel.org/stable/c/2295a7ef5c8c49241bff769e7826ef2582e532a6

Patch Available

https://git.kernel.org/stable/c/5af198c387128a9d2ddd620b0f0803564a4d4508

Patch Available

https://git.kernel.org/stable/c/81dd3c82a456b0015461754be7cb2693991421b4

Patch Available

https://git.kernel.org/stable/c/92f1655aa2b2294d0b49925f3b875a634bd3b59e

Patch Available

https://git.kernel.org/stable/c/b8af8e6118a6605f0e495a58d591ca94a85a50fc

Patch Available

https://git.kernel.org/stable/c/db0082825037794c5dba9959c9de13ca34cc5e72

Patch Available

https://git.kernel.org/stable/c/eacb8b195579c174a6d3e12a9690b206eb7f28cf

Patch Available

https://git.kernel.org/linus/a87cb3e48ee86d29868d3f59cfb9ce1a8fa63314

Patch Available

https://git.kernel.org/linus/92f1655aa2b2294d0b49925f3b875a634bd3b59e

Event History

Jun 10, 2024
CVE Published
via MITRE·09:03 AM
Data Sourced
via MITRE·09:03 AM
Description
Data Sourced
via NVD·09:15 AM
RemedyDescriptionSeverityWeaknessAffected Software
Jun 13, 2024
Data Sourced
via Microsoft·07:00 AM
DescriptionSeverityWeakness
Data Sourced
via Microsoft·07:00 AM
Affected Software
Updated
via Microsoft·07:00 AM
SeverityAffected Software
Updated
via Microsoft·07:00 AM
DescriptionSeverity
Jun 14, 2024
Data Sourced
via Red Hat·04:02 AM
DescriptionSeverityAffected Software
Aug 5, 2024
News Published
via BleepingComputer·10:40 PM
News Published
via BleepingComputer·10:42 PM
Aug 6, 2024
News Published
via The Register·06:23 PM
News Published
via The Register·06:29 PM
Aug 7, 2024
Known Exploited
via CISA·12:00 AM
Aug 8, 2024
News Published
via BleepingComputer·07:43 PM
Data Sourced
via Launchpad·11:27 PM
Description
Sep 6, 2024
Advisory Published
via F5·08:51 PM
Apr 27, 2025
Data Sourced
via Ubuntu·12:27 AM
RemedyDescriptionSeverityAffected Software

Parent advisories

This vulnerability appears in the following advisories.

Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Frequently Asked Questions

1

What is the severity of CVE-2024-36971?

CVE-2024-36971 is a critical vulnerability that allows for remote code execution in the Android kernel.

2

How do I fix CVE-2024-36971?

To mitigate CVE-2024-36971, update your Android kernel to the versions recommended by your vendor.

3

Which systems are affected by CVE-2024-36971?

CVE-2024-36971 impacts various products including the Android OS and certain versions of the Linux kernel.

4

What kind of attacks can exploit CVE-2024-36971?

CVE-2024-36971 can be exploited via targeted remote code execution attacks.

5

When was CVE-2024-36971 discovered?

CVE-2024-36971 was identified in 2024 and is associated with active exploitation.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203