cve 2024 36008

CVE-2024-36008 is a Linux kernel vulnerability affecting the IPv4 routing subsystem. Discovered via syzbot, it involves a NULL pointer dereference in the fib_validate_source() function that can crash a system when processing specially crafted IPv4 packets. The flaw has been patched in mid-2024 and is considered real and reproducible under certain configurations. While the impact is limited to availability (denial of service) and requires local or low-privilege access to trigger, it is relevant for network administrators and cloud operators running affected kernel versions. Discussions on WindowsForum highlight the bug's technical details, reproduction conditions, and the importance of applying the fix to maintain system stability.