cve/2024/CVE-2024-36903.md

### [CVE-2024-36903](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36903)
![](https://img.shields.io/static/v1?label=Product&message=Linux&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=02ed5700f40445af02d1c97db25ffc2d04971d9f%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=0cf600ca1bdf1d52df977516ee6cee0cadb1f6b1%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=165370522cc48127da564a08584a7391e6341908%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=2c9cefc142c1dc2759e19a92d3b2b3715e985beb%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=6.3%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=605b056d63302ae84eb136e88d4df49124bd5e0d%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=d65ff2fe877c471aa6e79efa7bd8ff66e147c317%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=ea30388baebcce37fd594d425a65037ca35e59e8%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=f394f690a30a5ec0413c62777a058eaf3d6e10d5%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=blue)

### Description

In the Linux kernel, the following vulnerability has been resolved:ipv6: Fix potential uninit-value access in __ip6_make_skb()As it was done in commit fc1092f51567 ("ipv4: Fix uninit-value access in__ip_make_skb()") for IPv4, check FLOWI_FLAG_KNOWN_NH on fl6->flowi6_flagsinstead of testing HDRINCL on the socket to avoid a race condition whichcauses uninit-value access.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/fkie-cad/nvd-json-data-feeds
- https://github.com/w4zu/Debian_security
Update CVE list 2025-09-29 21:09 2025-09-29 21:09:30 +02:00			`### [CVE-2024-36903](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36903)`
			`![](https://img.shields.io/static/v1?label=Product&message=Linux&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=02ed5700f40445af02d1c97db25ffc2d04971d9f%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=0cf600ca1bdf1d52df977516ee6cee0cadb1f6b1%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=165370522cc48127da564a08584a7391e6341908%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=2c9cefc142c1dc2759e19a92d3b2b3715e985beb%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=6.3%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=605b056d63302ae84eb136e88d4df49124bd5e0d%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=d65ff2fe877c471aa6e79efa7bd8ff66e147c317%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=ea30388baebcce37fd594d425a65037ca35e59e8%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=f394f690a30a5ec0413c62777a058eaf3d6e10d5%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=blue)`

			`### Description`

			`In the Linux kernel, the following vulnerability has been resolved:ipv6: Fix potential uninit-value access in __ip6_make_skb()As it was done in commit fc1092f51567 ("ipv4: Fix uninit-value access in__ip_make_skb()") for IPv4, check FLOWI_FLAG_KNOWN_NH on fl6->flowi6_flagsinstead of testing HDRINCL on the socket to avoid a race condition whichcauses uninit-value access.`

			`### POC`

			`#### Reference`
			`No PoCs from references.`

			`#### Github`
			`- https://github.com/fkie-cad/nvd-json-data-feeds`
			`- https://github.com/w4zu/Debian_security`