Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2024-AVI-0837
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux de Debian. Elles permettent à un attaquant de provoquer une élévation de privilèges, une atteinte à la confidentialité des données et un déni de service.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Debian bookworm versions ant\u00e9rieures \u00e0 6.1.112-1",
"product": {
"name": "N/A",
"vendor": {
"name": "Debian",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-46755",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46755"
},
{
"name": "CVE-2024-46826",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46826"
},
{
"name": "CVE-2024-46770",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46770"
},
{
"name": "CVE-2024-46821",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46821"
},
{
"name": "CVE-2024-46713",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46713"
},
{
"name": "CVE-2024-46844",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46844"
},
{
"name": "CVE-2024-46849",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46849"
},
{
"name": "CVE-2024-46815",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46815"
},
{
"name": "CVE-2024-42314",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42314"
},
{
"name": "CVE-2024-41016",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41016"
},
{
"name": "CVE-2024-46676",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46676"
},
{
"name": "CVE-2024-46740",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46740"
},
{
"name": "CVE-2024-46798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46798"
},
{
"name": "CVE-2024-46735",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46735"
},
{
"name": "CVE-2024-46707",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46707"
},
{
"name": "CVE-2024-45029",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45029"
},
{
"name": "CVE-2024-46747",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46747"
},
{
"name": "CVE-2024-45002",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45002"
},
{
"name": "CVE-2024-46835",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46835"
},
{
"name": "CVE-2024-35966",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35966"
},
{
"name": "CVE-2024-46738",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46738"
},
{
"name": "CVE-2024-46679",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46679"
},
{
"name": "CVE-2024-46734",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46734"
},
{
"name": "CVE-2024-46855",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46855"
},
{
"name": "CVE-2024-46673",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46673"
},
{
"name": "CVE-2024-46724",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46724"
},
{
"name": "CVE-2024-46791",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46791"
},
{
"name": "CVE-2024-44986",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44986"
},
{
"name": "CVE-2024-45026",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45026"
},
{
"name": "CVE-2024-44946",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44946"
},
{
"name": "CVE-2024-46800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46800"
},
{
"name": "CVE-2024-46750",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46750"
},
{
"name": "CVE-2024-46722",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46722"
},
{
"name": "CVE-2024-44939",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44939"
},
{
"name": "CVE-2024-46745",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46745"
},
{
"name": "CVE-2024-46819",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46819"
},
{
"name": "CVE-2024-46721",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46721"
},
{
"name": "CVE-2024-46812",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46812"
},
{
"name": "CVE-2024-46822",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46822"
},
{
"name": "CVE-2024-44991",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44991"
},
{
"name": "CVE-2024-42228",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42228"
},
{
"name": "CVE-2024-46685",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46685"
},
{
"name": "CVE-2024-45000",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45000"
},
{
"name": "CVE-2024-44998",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44998"
},
{
"name": "CVE-2024-46723",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46723"
},
{
"name": "CVE-2024-46828",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46828"
},
{
"name": "CVE-2024-46836",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46836"
},
{
"name": "CVE-2024-46675",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46675"
},
{
"name": "CVE-2024-46783",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46783"
},
{
"name": "CVE-2024-46846",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46846"
},
{
"name": "CVE-2024-40972",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40972"
},
{
"name": "CVE-2024-45018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45018"
},
{
"name": "CVE-2024-46715",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46715"
},
{
"name": "CVE-2024-46689",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46689"
},
{
"name": "CVE-2024-46802",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46802"
},
{
"name": "CVE-2024-46781",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46781"
},
{
"name": "CVE-2024-46777",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46777"
},
{
"name": "CVE-2024-35937",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35937"
},
{
"name": "CVE-2024-46714",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46714"
},
{
"name": "CVE-2024-46807",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46807"
},
{
"name": "CVE-2024-44938",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44938"
},
{
"name": "CVE-2024-46857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46857"
},
{
"name": "CVE-2024-45010",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45010"
},
{
"name": "CVE-2024-27017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27017"
},
{
"name": "CVE-2024-46731",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46731"
},
{
"name": "CVE-2024-46674",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46674"
},
{
"name": "CVE-2024-46859",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46859"
},
{
"name": "CVE-2024-46784",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46784"
},
{
"name": "CVE-2024-44995",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44995"
},
{
"name": "CVE-2024-46757",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46757"
},
{
"name": "CVE-2024-46677",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46677"
},
{
"name": "CVE-2024-44999",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44999"
},
{
"name": "CVE-2024-44988",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44988"
},
{
"name": "CVE-2024-46830",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46830"
},
{
"name": "CVE-2024-46773",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46773"
},
{
"name": "CVE-2024-46854",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46854"
},
{
"name": "CVE-2024-46758",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46758"
},
{
"name": "CVE-2024-46746",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46746"
},
{
"name": "CVE-2024-44974",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44974"
},
{
"name": "CVE-2024-46756",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46756"
},
{
"name": "CVE-2024-46739",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46739"
},
{
"name": "CVE-2024-45006",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45006"
},
{
"name": "CVE-2024-46725",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46725"
},
{
"name": "CVE-2024-46829",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46829"
},
{
"name": "CVE-2024-44977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44977"
},
{
"name": "CVE-2024-41098",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41098"
},
{
"name": "CVE-2023-31083",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31083"
},
{
"name": "CVE-2024-46743",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46743"
},
{
"name": "CVE-2024-46744",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46744"
},
{
"name": "CVE-2024-46805",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46805"
},
{
"name": "CVE-2024-45007",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45007"
},
{
"name": "CVE-2024-44983",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44983"
},
{
"name": "CVE-2024-46780",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46780"
},
{
"name": "CVE-2024-46817",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46817"
},
{
"name": "CVE-2024-44940",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44940"
},
{
"name": "CVE-2024-46771",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46771"
},
{
"name": "CVE-2024-46717",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46717"
},
{
"name": "CVE-2024-43892",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43892"
},
{
"name": "CVE-2024-46810",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46810"
},
{
"name": "CVE-2024-43835",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43835"
},
{
"name": "CVE-2024-46794",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46794"
},
{
"name": "CVE-2024-46711",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46711"
},
{
"name": "CVE-2024-46804",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46804"
},
{
"name": "CVE-2024-46732",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46732"
},
{
"name": "CVE-2024-46840",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46840"
},
{
"name": "CVE-2024-46763",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46763"
},
{
"name": "CVE-2024-46759",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46759"
},
{
"name": "CVE-2024-43859",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43859"
},
{
"name": "CVE-2024-45022",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45022"
},
{
"name": "CVE-2024-46720",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46720"
},
{
"name": "CVE-2024-46737",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46737"
},
{
"name": "CVE-2024-45019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45019"
},
{
"name": "CVE-2024-46814",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46814"
},
{
"name": "CVE-2024-46818",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46818"
},
{
"name": "CVE-2024-46848",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46848"
},
{
"name": "CVE-2024-46852",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46852"
},
{
"name": "CVE-2024-43884",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43884"
},
{
"name": "CVE-2024-45003",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45003"
},
{
"name": "CVE-2024-44931",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44931"
},
{
"name": "CVE-2024-46686",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46686"
},
{
"name": "CVE-2024-46832",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46832"
},
{
"name": "CVE-2024-46752",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46752"
},
{
"name": "CVE-2024-45021",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45021"
},
{
"name": "CVE-2024-45025",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45025"
},
{
"name": "CVE-2024-46761",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46761"
},
{
"name": "CVE-2024-41096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41096"
},
{
"name": "CVE-2024-46853",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46853"
},
{
"name": "CVE-2024-46795",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46795"
},
{
"name": "CVE-2024-45008",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45008"
},
{
"name": "CVE-2024-46726",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46726"
},
{
"name": "CVE-2024-44990",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44990"
},
{
"name": "CVE-2024-44987",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44987"
},
{
"name": "CVE-2024-44982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44982"
},
{
"name": "CVE-2024-46694",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46694"
},
{
"name": "CVE-2024-45011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45011"
},
{
"name": "CVE-2024-46865",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46865"
},
{
"name": "CVE-2024-45009",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45009"
},
{
"name": "CVE-2024-35943",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35943"
},
{
"name": "CVE-2024-45028",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45028"
},
{
"name": "CVE-2024-46782",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46782"
},
{
"name": "CVE-2024-46702",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46702"
},
{
"name": "CVE-2024-46719",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46719"
},
{
"name": "CVE-2024-44947",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44947"
},
{
"name": "CVE-2024-44985",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44985"
},
{
"name": "CVE-2024-46858",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46858"
},
{
"name": "CVE-2024-46716",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46716"
},
{
"name": "CVE-2024-44989",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44989"
},
{
"name": "CVE-2024-45016",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45016"
}
],
"links": [],
"reference": "CERTFR-2024-AVI-0837",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-10-04T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de Debian. Elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un d\u00e9ni de service.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de Debian",
"vendor_advisories": [
{
"published_at": "2024-10-03",
"title": "Bulletin de s\u00e9curit\u00e9 Debian DSA-5782-1",
"url": "https://lists.debian.org/debian-security-announce/2024/msg00195.html"
}
]
}
CVE-2023-31083 (GCVE-0-2023-31083)
Vulnerability from cvelistv5 – Published: 2023-04-24 00:00 – Updated: 2025-11-03 21:48
VLAI?
EPSS
Summary
An issue was discovered in drivers/bluetooth/hci_ldisc.c in the Linux kernel 6.2. In hci_uart_tty_ioctl, there is a race condition between HCIUARTSETPROTO and HCIUARTGETPROTO. HCI_UART_PROTO_SET is set before hu->proto is set. A NULL pointer dereference may occur.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T21:48:24.068Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://lore.kernel.org/all/CA+UBctC3p49aTgzbVgkSZ2+TQcqq4fPDO7yZitFT5uBPDeCO2g%40mail.gmail.com/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20230929-0003/"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9c33663af9ad115f90c076a1828129a3fbadea98"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1210780"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in drivers/bluetooth/hci_ldisc.c in the Linux kernel 6.2. In hci_uart_tty_ioctl, there is a race condition between HCIUARTSETPROTO and HCIUARTGETPROTO. HCI_UART_PROTO_SET is set before hu-\u003eproto is set. A NULL pointer dereference may occur."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-25T00:41:51.289Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://lore.kernel.org/all/CA+UBctC3p49aTgzbVgkSZ2+TQcqq4fPDO7yZitFT5uBPDeCO2g%40mail.gmail.com/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20230929-0003/"
},
{
"url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9c33663af9ad115f90c076a1828129a3fbadea98"
},
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1210780"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-31083",
"datePublished": "2023-04-24T00:00:00.000Z",
"dateReserved": "2023-04-24T00:00:00.000Z",
"dateUpdated": "2025-11-03T21:48:24.068Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-27017 (GCVE-0-2024-27017)
Vulnerability from cvelistv5 – Published: 2024-05-01 05:30 – Updated: 2026-05-23 15:41
VLAI?
EPSS
Title
netfilter: nft_set_pipapo: walk over current view on netlink dump
Summary
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nft_set_pipapo: walk over current view on netlink dump
The generation mask can be updated while netlink dump is in progress.
The pipapo set backend walk iterator cannot rely on it to infer what
view of the datastructure is to be used. Add notation to specify if user
wants to read/update the set.
Based on patch from Florian Westphal.
Severity ?
No CVSS data available.
Assigner
References
6 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
2a90da8e0dd50f42e577988f4219f4f4cd3616b7 , < ff89db14c63a827066446460e39226c0688ef786
(git)
Affected: 45eb6944d0f55102229115de040ef3a48841434a , < ce9fef54c5ec9912a0c9a47bac3195cc41b14679 (git) Affected: 0d836f917520300a8725a5dbdad4406438d0cead , < 52735a010f37580b3a569a996f878fdd87425650 (git) Affected: 2b84e215f87443c74ac0aa7f76bb172d43a87033 , < f24d8abc2bb8cbf31ec713336e402eafa8f42f60 (git) Affected: 2b84e215f87443c74ac0aa7f76bb172d43a87033 , < 721715655c72640567e8742567520c99801148ed (git) Affected: 2b84e215f87443c74ac0aa7f76bb172d43a87033 , < 29b359cf6d95fd60730533f7f10464e95bd17c73 (git) Affected: f661383b5f1aaac3fe121b91e04332944bc90193 (git) Affected: 5.10.186 , < 5.10.227 (semver) Affected: 5.15.119 , < 5.15.168 (semver) Affected: 6.1.36 , < 6.1.112 (semver) Affected: 6.3.10 , < 6.4 (semver) |
|
| Linux | Linux |
Affected:
6.4
Unaffected: 0 , < 6.4 (semver) Unaffected: 5.10.227 , ≤ 5.10.* (semver) Unaffected: 5.15.168 , ≤ 5.15.* (semver) Unaffected: 6.1.112 , ≤ 6.1.* (semver) Unaffected: 6.6.53 , ≤ 6.6.* (semver) Unaffected: 6.8.8 , ≤ 6.8.* (semver) Unaffected: 6.9 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27017",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-28T16:20:37.656440Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:47:29.908Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T17:17:24.217Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/721715655c72640567e8742567520c99801148ed"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/29b359cf6d95fd60730533f7f10464e95bd17c73"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DAMSOZXJEPUOXW33WZYWCVAY7Z5S7OOY/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4EZ6PJW7VOZ224TD7N4JZNU6KV32ZJ53/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GCBZZEC7L7KTWWAS2NLJK6SO3IZIL4WW/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"include/net/netfilter/nf_tables.h",
"net/netfilter/nf_tables_api.c",
"net/netfilter/nft_set_pipapo.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "ff89db14c63a827066446460e39226c0688ef786",
"status": "affected",
"version": "2a90da8e0dd50f42e577988f4219f4f4cd3616b7",
"versionType": "git"
},
{
"lessThan": "ce9fef54c5ec9912a0c9a47bac3195cc41b14679",
"status": "affected",
"version": "45eb6944d0f55102229115de040ef3a48841434a",
"versionType": "git"
},
{
"lessThan": "52735a010f37580b3a569a996f878fdd87425650",
"status": "affected",
"version": "0d836f917520300a8725a5dbdad4406438d0cead",
"versionType": "git"
},
{
"lessThan": "f24d8abc2bb8cbf31ec713336e402eafa8f42f60",
"status": "affected",
"version": "2b84e215f87443c74ac0aa7f76bb172d43a87033",
"versionType": "git"
},
{
"lessThan": "721715655c72640567e8742567520c99801148ed",
"status": "affected",
"version": "2b84e215f87443c74ac0aa7f76bb172d43a87033",
"versionType": "git"
},
{
"lessThan": "29b359cf6d95fd60730533f7f10464e95bd17c73",
"status": "affected",
"version": "2b84e215f87443c74ac0aa7f76bb172d43a87033",
"versionType": "git"
},
{
"status": "affected",
"version": "f661383b5f1aaac3fe121b91e04332944bc90193",
"versionType": "git"
},
{
"lessThan": "5.10.227",
"status": "affected",
"version": "5.10.186",
"versionType": "semver"
},
{
"lessThan": "5.15.168",
"status": "affected",
"version": "5.15.119",
"versionType": "semver"
},
{
"lessThan": "6.1.112",
"status": "affected",
"version": "6.1.36",
"versionType": "semver"
},
{
"lessThan": "6.4",
"status": "affected",
"version": "6.3.10",
"versionType": "semver"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"include/net/netfilter/nf_tables.h",
"net/netfilter/nf_tables_api.c",
"net/netfilter/nft_set_pipapo.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.4"
},
{
"lessThan": "6.4",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.227",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.168",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.112",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.53",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.8",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.227",
"versionStartIncluding": "5.10.186",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.168",
"versionStartIncluding": "5.15.119",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.112",
"versionStartIncluding": "6.1.36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.53",
"versionStartIncluding": "6.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.8.8",
"versionStartIncluding": "6.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9",
"versionStartIncluding": "6.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.3.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_set_pipapo: walk over current view on netlink dump\n\nThe generation mask can be updated while netlink dump is in progress.\nThe pipapo set backend walk iterator cannot rely on it to infer what\nview of the datastructure is to be used. Add notation to specify if user\nwants to read/update the set.\n\nBased on patch from Florian Westphal."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-23T15:41:15.320Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/ff89db14c63a827066446460e39226c0688ef786"
},
{
"url": "https://git.kernel.org/stable/c/ce9fef54c5ec9912a0c9a47bac3195cc41b14679"
},
{
"url": "https://git.kernel.org/stable/c/52735a010f37580b3a569a996f878fdd87425650"
},
{
"url": "https://git.kernel.org/stable/c/f24d8abc2bb8cbf31ec713336e402eafa8f42f60"
},
{
"url": "https://git.kernel.org/stable/c/721715655c72640567e8742567520c99801148ed"
},
{
"url": "https://git.kernel.org/stable/c/29b359cf6d95fd60730533f7f10464e95bd17c73"
}
],
"title": "netfilter: nft_set_pipapo: walk over current view on netlink dump",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27017",
"datePublished": "2024-05-01T05:30:01.888Z",
"dateReserved": "2024-02-19T14:20:24.209Z",
"dateUpdated": "2026-05-23T15:41:15.320Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-35937 (GCVE-0-2024-35937)
Vulnerability from cvelistv5 – Published: 2024-05-19 10:10 – Updated: 2026-05-11 20:14
VLAI?
EPSS
Title
wifi: cfg80211: check A-MSDU format more carefully
Summary
In the Linux kernel, the following vulnerability has been resolved:
wifi: cfg80211: check A-MSDU format more carefully
If it looks like there's another subframe in the A-MSDU
but the header isn't fully there, we can end up reading
data out of bounds, only to discard later. Make this a
bit more careful and check if the subframe header can
even be present.
Severity ?
No CVSS data available.
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
966d5c2c22edcc0ab3d519af39f91a29329c979a , < 9eb3bc0973d084423a6df21cf2c74692ff05647e
(git)
Affected: 6e4c0d0460bd32ca9244dff3ba2d2da27235de11 , < 5d7a8585fbb31e88fb2a0f581b70667d3300d1e9 (git) Affected: 6e4c0d0460bd32ca9244dff3ba2d2da27235de11 , < 16da1e1dac23be45ef6e23c41b1508c400e6c544 (git) Affected: 6e4c0d0460bd32ca9244dff3ba2d2da27235de11 , < 9ad7974856926129f190ffbe3beea78460b3b7cc (git) |
|
| Linux | Linux |
Affected:
6.3
Unaffected: 0 , < 6.3 (semver) Unaffected: 6.6.27 , ≤ 6.6.* (semver) Unaffected: 6.8.6 , ≤ 6.8.* (semver) Unaffected: 6.9 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T21:55:02.670Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5d7a8585fbb31e88fb2a0f581b70667d3300d1e9"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/16da1e1dac23be45ef6e23c41b1508c400e6c544"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9ad7974856926129f190ffbe3beea78460b3b7cc"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-35937",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T15:40:52.262285Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:33:14.984Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/wireless/util.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "9eb3bc0973d084423a6df21cf2c74692ff05647e",
"status": "affected",
"version": "966d5c2c22edcc0ab3d519af39f91a29329c979a",
"versionType": "git"
},
{
"lessThan": "5d7a8585fbb31e88fb2a0f581b70667d3300d1e9",
"status": "affected",
"version": "6e4c0d0460bd32ca9244dff3ba2d2da27235de11",
"versionType": "git"
},
{
"lessThan": "16da1e1dac23be45ef6e23c41b1508c400e6c544",
"status": "affected",
"version": "6e4c0d0460bd32ca9244dff3ba2d2da27235de11",
"versionType": "git"
},
{
"lessThan": "9ad7974856926129f190ffbe3beea78460b3b7cc",
"status": "affected",
"version": "6e4c0d0460bd32ca9244dff3ba2d2da27235de11",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/wireless/util.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.3"
},
{
"lessThan": "6.3",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.27",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.6",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.27",
"versionStartIncluding": "6.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.8.6",
"versionStartIncluding": "6.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9",
"versionStartIncluding": "6.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: check A-MSDU format more carefully\n\nIf it looks like there\u0027s another subframe in the A-MSDU\nbut the header isn\u0027t fully there, we can end up reading\ndata out of bounds, only to discard later. Make this a\nbit more careful and check if the subframe header can\neven be present."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T20:14:05.590Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/9eb3bc0973d084423a6df21cf2c74692ff05647e"
},
{
"url": "https://git.kernel.org/stable/c/5d7a8585fbb31e88fb2a0f581b70667d3300d1e9"
},
{
"url": "https://git.kernel.org/stable/c/16da1e1dac23be45ef6e23c41b1508c400e6c544"
},
{
"url": "https://git.kernel.org/stable/c/9ad7974856926129f190ffbe3beea78460b3b7cc"
}
],
"title": "wifi: cfg80211: check A-MSDU format more carefully",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-35937",
"datePublished": "2024-05-19T10:10:43.615Z",
"dateReserved": "2024-05-17T13:50:33.131Z",
"dateUpdated": "2026-05-11T20:14:05.590Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-35943 (GCVE-0-2024-35943)
Vulnerability from cvelistv5 – Published: 2024-05-19 10:10 – Updated: 2026-05-11 20:14
VLAI?
EPSS
Title
pmdomain: ti: Add a null pointer check to the omap_prm_domain_init
Summary
In the Linux kernel, the following vulnerability has been resolved:
pmdomain: ti: Add a null pointer check to the omap_prm_domain_init
devm_kasprintf() returns a pointer to dynamically allocated memory
which can be NULL upon failure. Ensure the allocation was successful
by checking the pointer validity.
Severity ?
No CVSS data available.
Assigner
References
6 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
58cbff023bfaeb9c290b5dbcc0a4bb327c653e18 , < e65f7eb117e1b44742212d65784236269085e736
(git)
Affected: 58cbff023bfaeb9c290b5dbcc0a4bb327c653e18 , < 984212fa6b4bc6d9ed58f5b0838e8d5af7679ce5 (git) Affected: 58cbff023bfaeb9c290b5dbcc0a4bb327c653e18 , < bc08f5ab11b1881b85371f0bd9c9a3d27f65cca8 (git) Affected: 58cbff023bfaeb9c290b5dbcc0a4bb327c653e18 , < ce666cecc09c0f92d5f86d89d8068ecfcf723a7e (git) Affected: 58cbff023bfaeb9c290b5dbcc0a4bb327c653e18 , < 04f23510daa40f9010fadf309507564a34ad956f (git) Affected: 58cbff023bfaeb9c290b5dbcc0a4bb327c653e18 , < 5d7f58ee08434a33340f75ac7ac5071eea9673b3 (git) |
|
| Linux | Linux |
Affected:
5.10
Unaffected: 0 , < 5.10 (semver) Unaffected: 5.10.237 , ≤ 5.10.* (semver) Unaffected: 5.15.181 , ≤ 5.15.* (semver) Unaffected: 6.1.111 , ≤ 6.1.* (semver) Unaffected: 6.6.27 , ≤ 6.6.* (semver) Unaffected: 6.8.6 , ≤ 6.8.* (semver) Unaffected: 6.9 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-35943",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-17T17:38:23.711723Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-17T17:40:43.270Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T21:55:04.223Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ce666cecc09c0f92d5f86d89d8068ecfcf723a7e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/04f23510daa40f9010fadf309507564a34ad956f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5d7f58ee08434a33340f75ac7ac5071eea9673b3"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/pmdomain/ti/omap_prm.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "e65f7eb117e1b44742212d65784236269085e736",
"status": "affected",
"version": "58cbff023bfaeb9c290b5dbcc0a4bb327c653e18",
"versionType": "git"
},
{
"lessThan": "984212fa6b4bc6d9ed58f5b0838e8d5af7679ce5",
"status": "affected",
"version": "58cbff023bfaeb9c290b5dbcc0a4bb327c653e18",
"versionType": "git"
},
{
"lessThan": "bc08f5ab11b1881b85371f0bd9c9a3d27f65cca8",
"status": "affected",
"version": "58cbff023bfaeb9c290b5dbcc0a4bb327c653e18",
"versionType": "git"
},
{
"lessThan": "ce666cecc09c0f92d5f86d89d8068ecfcf723a7e",
"status": "affected",
"version": "58cbff023bfaeb9c290b5dbcc0a4bb327c653e18",
"versionType": "git"
},
{
"lessThan": "04f23510daa40f9010fadf309507564a34ad956f",
"status": "affected",
"version": "58cbff023bfaeb9c290b5dbcc0a4bb327c653e18",
"versionType": "git"
},
{
"lessThan": "5d7f58ee08434a33340f75ac7ac5071eea9673b3",
"status": "affected",
"version": "58cbff023bfaeb9c290b5dbcc0a4bb327c653e18",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/pmdomain/ti/omap_prm.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.10"
},
{
"lessThan": "5.10",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.237",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.181",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.111",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.27",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.6",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.237",
"versionStartIncluding": "5.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.181",
"versionStartIncluding": "5.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.111",
"versionStartIncluding": "5.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.27",
"versionStartIncluding": "5.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.8.6",
"versionStartIncluding": "5.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9",
"versionStartIncluding": "5.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\npmdomain: ti: Add a null pointer check to the omap_prm_domain_init\n\ndevm_kasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure. Ensure the allocation was successful\nby checking the pointer validity."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T20:14:11.400Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/e65f7eb117e1b44742212d65784236269085e736"
},
{
"url": "https://git.kernel.org/stable/c/984212fa6b4bc6d9ed58f5b0838e8d5af7679ce5"
},
{
"url": "https://git.kernel.org/stable/c/bc08f5ab11b1881b85371f0bd9c9a3d27f65cca8"
},
{
"url": "https://git.kernel.org/stable/c/ce666cecc09c0f92d5f86d89d8068ecfcf723a7e"
},
{
"url": "https://git.kernel.org/stable/c/04f23510daa40f9010fadf309507564a34ad956f"
},
{
"url": "https://git.kernel.org/stable/c/5d7f58ee08434a33340f75ac7ac5071eea9673b3"
}
],
"title": "pmdomain: ti: Add a null pointer check to the omap_prm_domain_init",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-35943",
"datePublished": "2024-05-19T10:10:47.529Z",
"dateReserved": "2024-05-17T13:50:33.132Z",
"dateUpdated": "2026-05-11T20:14:11.400Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-35966 (GCVE-0-2024-35966)
Vulnerability from cvelistv5 – Published: 2024-05-20 09:41 – Updated: 2026-05-12 11:53
VLAI?
EPSS
Title
Bluetooth: RFCOMM: Fix not validating setsockopt user input
Summary
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: RFCOMM: Fix not validating setsockopt user input
syzbot reported rfcomm_sock_setsockopt_old() is copying data without
checking user input length.
BUG: KASAN: slab-out-of-bounds in copy_from_sockptr_offset
include/linux/sockptr.h:49 [inline]
BUG: KASAN: slab-out-of-bounds in copy_from_sockptr
include/linux/sockptr.h:55 [inline]
BUG: KASAN: slab-out-of-bounds in rfcomm_sock_setsockopt_old
net/bluetooth/rfcomm/sock.c:632 [inline]
BUG: KASAN: slab-out-of-bounds in rfcomm_sock_setsockopt+0x893/0xa70
net/bluetooth/rfcomm/sock.c:673
Read of size 4 at addr ffff8880209a8bc3 by task syz-executor632/5064
Severity ?
No CVSS data available.
Assigner
References
6 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
bb23c0ab824653be4aa7dfca15b07b3059717004 , < d072ea24748189cd8f4a9c3f585ca9af073a0838
(git)
Affected: bb23c0ab824653be4aa7dfca15b07b3059717004 , < 00767fbd67af70d7a550caa5b12d9515fa978bab (git) Affected: bb23c0ab824653be4aa7dfca15b07b3059717004 , < eea40d33bf936a5c7fb03c190e61e0cfee00e872 (git) Affected: bb23c0ab824653be4aa7dfca15b07b3059717004 , < 4ea65e2095e9bd151d0469328dd7fc2858feb546 (git) Affected: bb23c0ab824653be4aa7dfca15b07b3059717004 , < c3f787a3eafe519c93df9abbb0ca5145861c8d0f (git) Affected: bb23c0ab824653be4aa7dfca15b07b3059717004 , < a97de7bff13b1cc825c1b1344eaed8d6c2d3e695 (git) |
|
| Linux | Linux |
Affected:
2.6.30
Unaffected: 0 , < 2.6.30 (semver) Unaffected: 5.10.234 , ≤ 5.10.* (semver) Unaffected: 5.15.178 , ≤ 5.15.* (semver) Unaffected: 6.1.107 , ≤ 6.1.* (semver) Unaffected: 6.6.47 , ≤ 6.6.* (semver) Unaffected: 6.8.7 , ≤ 6.8.* (semver) Unaffected: 6.9 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-35966",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-28T19:28:34.251629Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:33:49.290Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T21:55:08.869Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c3f787a3eafe519c93df9abbb0ca5145861c8d0f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a97de7bff13b1cc825c1b1344eaed8d6c2d3e695"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 TM MFP - GNU/Linux subsystem",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T11:53:16.942Z",
"orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
"shortName": "siemens-SADP"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html"
}
],
"x_adpType": "supplier"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/bluetooth/rfcomm/sock.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "d072ea24748189cd8f4a9c3f585ca9af073a0838",
"status": "affected",
"version": "bb23c0ab824653be4aa7dfca15b07b3059717004",
"versionType": "git"
},
{
"lessThan": "00767fbd67af70d7a550caa5b12d9515fa978bab",
"status": "affected",
"version": "bb23c0ab824653be4aa7dfca15b07b3059717004",
"versionType": "git"
},
{
"lessThan": "eea40d33bf936a5c7fb03c190e61e0cfee00e872",
"status": "affected",
"version": "bb23c0ab824653be4aa7dfca15b07b3059717004",
"versionType": "git"
},
{
"lessThan": "4ea65e2095e9bd151d0469328dd7fc2858feb546",
"status": "affected",
"version": "bb23c0ab824653be4aa7dfca15b07b3059717004",
"versionType": "git"
},
{
"lessThan": "c3f787a3eafe519c93df9abbb0ca5145861c8d0f",
"status": "affected",
"version": "bb23c0ab824653be4aa7dfca15b07b3059717004",
"versionType": "git"
},
{
"lessThan": "a97de7bff13b1cc825c1b1344eaed8d6c2d3e695",
"status": "affected",
"version": "bb23c0ab824653be4aa7dfca15b07b3059717004",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/bluetooth/rfcomm/sock.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "2.6.30"
},
{
"lessThan": "2.6.30",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.234",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.178",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.107",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.47",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.7",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.234",
"versionStartIncluding": "2.6.30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.178",
"versionStartIncluding": "2.6.30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.107",
"versionStartIncluding": "2.6.30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.47",
"versionStartIncluding": "2.6.30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.8.7",
"versionStartIncluding": "2.6.30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9",
"versionStartIncluding": "2.6.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: RFCOMM: Fix not validating setsockopt user input\n\nsyzbot reported rfcomm_sock_setsockopt_old() is copying data without\nchecking user input length.\n\nBUG: KASAN: slab-out-of-bounds in copy_from_sockptr_offset\ninclude/linux/sockptr.h:49 [inline]\nBUG: KASAN: slab-out-of-bounds in copy_from_sockptr\ninclude/linux/sockptr.h:55 [inline]\nBUG: KASAN: slab-out-of-bounds in rfcomm_sock_setsockopt_old\nnet/bluetooth/rfcomm/sock.c:632 [inline]\nBUG: KASAN: slab-out-of-bounds in rfcomm_sock_setsockopt+0x893/0xa70\nnet/bluetooth/rfcomm/sock.c:673\nRead of size 4 at addr ffff8880209a8bc3 by task syz-executor632/5064"
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T20:14:39.055Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/d072ea24748189cd8f4a9c3f585ca9af073a0838"
},
{
"url": "https://git.kernel.org/stable/c/00767fbd67af70d7a550caa5b12d9515fa978bab"
},
{
"url": "https://git.kernel.org/stable/c/eea40d33bf936a5c7fb03c190e61e0cfee00e872"
},
{
"url": "https://git.kernel.org/stable/c/4ea65e2095e9bd151d0469328dd7fc2858feb546"
},
{
"url": "https://git.kernel.org/stable/c/c3f787a3eafe519c93df9abbb0ca5145861c8d0f"
},
{
"url": "https://git.kernel.org/stable/c/a97de7bff13b1cc825c1b1344eaed8d6c2d3e695"
}
],
"title": "Bluetooth: RFCOMM: Fix not validating setsockopt user input",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-35966",
"datePublished": "2024-05-20T09:41:55.838Z",
"dateReserved": "2024-05-17T13:50:33.138Z",
"dateUpdated": "2026-05-12T11:53:16.942Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-40972 (GCVE-0-2024-40972)
Vulnerability from cvelistv5 – Published: 2024-07-12 12:32 – Updated: 2026-05-11 20:23
VLAI?
EPSS
Title
ext4: do not create EA inode under buffer lock
Summary
In the Linux kernel, the following vulnerability has been resolved:
ext4: do not create EA inode under buffer lock
ext4_xattr_set_entry() creates new EA inodes while holding buffer lock
on the external xattr block. This is problematic as it nests all the
allocation locking (which acquires locks on other buffers) under the
buffer lock. This can even deadlock when the filesystem is corrupted and
e.g. quota file is setup to contain xattr block as data block. Move the
allocation of EA inode out of ext4_xattr_set_entry() into the callers.
Severity ?
No CVSS data available.
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
e50e5129f384ae282adebfb561189cdb19b81cee , < 0752e7fb549d90c33b4d4186f11cfd25a556d1dd
(git)
Affected: e50e5129f384ae282adebfb561189cdb19b81cee , < 737fb7853acd5bc8984f6f42e4bfba3334be8ae1 (git) Affected: e50e5129f384ae282adebfb561189cdb19b81cee , < 111103907234bffd0a34fba070ad9367de058752 (git) Affected: e50e5129f384ae282adebfb561189cdb19b81cee , < 0a46ef234756dca04623b7591e8ebb3440622f0b (git) |
|
| Linux | Linux |
Affected:
4.13
Unaffected: 0 , < 4.13 (semver) Unaffected: 6.1.107 , ≤ 6.1.* (semver) Unaffected: 6.6.47 , ≤ 6.6.* (semver) Unaffected: 6.9.7 , ≤ 6.9.* (semver) Unaffected: 6.10 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T21:58:37.671Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/111103907234bffd0a34fba070ad9367de058752"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0a46ef234756dca04623b7591e8ebb3440622f0b"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-40972",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:02:50.931793Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:22.436Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/ext4/xattr.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "0752e7fb549d90c33b4d4186f11cfd25a556d1dd",
"status": "affected",
"version": "e50e5129f384ae282adebfb561189cdb19b81cee",
"versionType": "git"
},
{
"lessThan": "737fb7853acd5bc8984f6f42e4bfba3334be8ae1",
"status": "affected",
"version": "e50e5129f384ae282adebfb561189cdb19b81cee",
"versionType": "git"
},
{
"lessThan": "111103907234bffd0a34fba070ad9367de058752",
"status": "affected",
"version": "e50e5129f384ae282adebfb561189cdb19b81cee",
"versionType": "git"
},
{
"lessThan": "0a46ef234756dca04623b7591e8ebb3440622f0b",
"status": "affected",
"version": "e50e5129f384ae282adebfb561189cdb19b81cee",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/ext4/xattr.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.13"
},
{
"lessThan": "4.13",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.107",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.47",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.7",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.107",
"versionStartIncluding": "4.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.47",
"versionStartIncluding": "4.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9.7",
"versionStartIncluding": "4.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.10",
"versionStartIncluding": "4.13",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: do not create EA inode under buffer lock\n\next4_xattr_set_entry() creates new EA inodes while holding buffer lock\non the external xattr block. This is problematic as it nests all the\nallocation locking (which acquires locks on other buffers) under the\nbuffer lock. This can even deadlock when the filesystem is corrupted and\ne.g. quota file is setup to contain xattr block as data block. Move the\nallocation of EA inode out of ext4_xattr_set_entry() into the callers."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T20:23:24.497Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/0752e7fb549d90c33b4d4186f11cfd25a556d1dd"
},
{
"url": "https://git.kernel.org/stable/c/737fb7853acd5bc8984f6f42e4bfba3334be8ae1"
},
{
"url": "https://git.kernel.org/stable/c/111103907234bffd0a34fba070ad9367de058752"
},
{
"url": "https://git.kernel.org/stable/c/0a46ef234756dca04623b7591e8ebb3440622f0b"
}
],
"title": "ext4: do not create EA inode under buffer lock",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-40972",
"datePublished": "2024-07-12T12:32:10.102Z",
"dateReserved": "2024-07-12T12:17:45.603Z",
"dateUpdated": "2026-05-11T20:23:24.497Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-41016 (GCVE-0-2024-41016)
Vulnerability from cvelistv5 – Published: 2024-07-29 06:37 – Updated: 2026-05-12 11:56
VLAI?
EPSS
Title
ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry()
Summary
In the Linux kernel, the following vulnerability has been resolved:
ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry()
xattr in ocfs2 maybe 'non-indexed', which saved with additional space
requested. It's better to check if the memory is out of bound before
memcmp, although this possibility mainly comes from crafted poisonous
images.
Severity ?
No CVSS data available.
Assigner
References
8 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
cf1d6c763fbcb115263114302485ad17e7933d87 , < e2b3d7a9d019d4d1a0da6c3ea64a1ff79c99c090
(git)
Affected: cf1d6c763fbcb115263114302485ad17e7933d87 , < e8f9c4af7af7e9e4cd09c0251c7936593147419f (git) Affected: cf1d6c763fbcb115263114302485ad17e7933d87 , < 57a3d89831fcaa2cdbe024b47c7c36d5a56c3637 (git) Affected: cf1d6c763fbcb115263114302485ad17e7933d87 , < c031d286eceb82f72f8623b7f4abd2aa491bfb5e (git) Affected: cf1d6c763fbcb115263114302485ad17e7933d87 , < cfb926051fab19b10d1e65976211f364aa820180 (git) Affected: cf1d6c763fbcb115263114302485ad17e7933d87 , < c726dea9d0c806d64c26fcef483b1fb9474d8c5e (git) Affected: cf1d6c763fbcb115263114302485ad17e7933d87 , < e4ffea01adf3323c821b6f37e9577d2d400adbaa (git) Affected: cf1d6c763fbcb115263114302485ad17e7933d87 , < af77c4fc1871847b528d58b7fdafb4aa1f6a9262 (git) |
|
| Linux | Linux |
Affected:
2.6.28
Unaffected: 0 , < 2.6.28 (semver) Unaffected: 4.19.323 , ≤ 4.19.* (semver) Unaffected: 5.4.285 , ≤ 5.4.* (semver) Unaffected: 5.10.227 , ≤ 5.10.* (semver) Unaffected: 5.15.168 , ≤ 5.15.* (semver) Unaffected: 6.1.112 , ≤ 6.1.* (semver) Unaffected: 6.6.53 , ≤ 6.6.* (semver) Unaffected: 6.10.12 , ≤ 6.10.* (semver) Unaffected: 6.11 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T21:59:18.988Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/af77c4fc1871847b528d58b7fdafb4aa1f6a9262"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-41016",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T16:24:43.120825Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:05.725Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 TM MFP - GNU/Linux subsystem",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T11:56:13.855Z",
"orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
"shortName": "siemens-SADP"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html"
}
],
"x_adpType": "supplier"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/ocfs2/xattr.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "e2b3d7a9d019d4d1a0da6c3ea64a1ff79c99c090",
"status": "affected",
"version": "cf1d6c763fbcb115263114302485ad17e7933d87",
"versionType": "git"
},
{
"lessThan": "e8f9c4af7af7e9e4cd09c0251c7936593147419f",
"status": "affected",
"version": "cf1d6c763fbcb115263114302485ad17e7933d87",
"versionType": "git"
},
{
"lessThan": "57a3d89831fcaa2cdbe024b47c7c36d5a56c3637",
"status": "affected",
"version": "cf1d6c763fbcb115263114302485ad17e7933d87",
"versionType": "git"
},
{
"lessThan": "c031d286eceb82f72f8623b7f4abd2aa491bfb5e",
"status": "affected",
"version": "cf1d6c763fbcb115263114302485ad17e7933d87",
"versionType": "git"
},
{
"lessThan": "cfb926051fab19b10d1e65976211f364aa820180",
"status": "affected",
"version": "cf1d6c763fbcb115263114302485ad17e7933d87",
"versionType": "git"
},
{
"lessThan": "c726dea9d0c806d64c26fcef483b1fb9474d8c5e",
"status": "affected",
"version": "cf1d6c763fbcb115263114302485ad17e7933d87",
"versionType": "git"
},
{
"lessThan": "e4ffea01adf3323c821b6f37e9577d2d400adbaa",
"status": "affected",
"version": "cf1d6c763fbcb115263114302485ad17e7933d87",
"versionType": "git"
},
{
"lessThan": "af77c4fc1871847b528d58b7fdafb4aa1f6a9262",
"status": "affected",
"version": "cf1d6c763fbcb115263114302485ad17e7933d87",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/ocfs2/xattr.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "2.6.28"
},
{
"lessThan": "2.6.28",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.323",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.285",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.227",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.168",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.112",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.53",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"version": "6.10.12",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.11",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.19.323",
"versionStartIncluding": "2.6.28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.285",
"versionStartIncluding": "2.6.28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.227",
"versionStartIncluding": "2.6.28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.168",
"versionStartIncluding": "2.6.28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.112",
"versionStartIncluding": "2.6.28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.53",
"versionStartIncluding": "2.6.28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.10.12",
"versionStartIncluding": "2.6.28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.11",
"versionStartIncluding": "2.6.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry()\n\nxattr in ocfs2 maybe \u0027non-indexed\u0027, which saved with additional space\nrequested. It\u0027s better to check if the memory is out of bound before\nmemcmp, although this possibility mainly comes from crafted poisonous\nimages."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T20:24:32.412Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/e2b3d7a9d019d4d1a0da6c3ea64a1ff79c99c090"
},
{
"url": "https://git.kernel.org/stable/c/e8f9c4af7af7e9e4cd09c0251c7936593147419f"
},
{
"url": "https://git.kernel.org/stable/c/57a3d89831fcaa2cdbe024b47c7c36d5a56c3637"
},
{
"url": "https://git.kernel.org/stable/c/c031d286eceb82f72f8623b7f4abd2aa491bfb5e"
},
{
"url": "https://git.kernel.org/stable/c/cfb926051fab19b10d1e65976211f364aa820180"
},
{
"url": "https://git.kernel.org/stable/c/c726dea9d0c806d64c26fcef483b1fb9474d8c5e"
},
{
"url": "https://git.kernel.org/stable/c/e4ffea01adf3323c821b6f37e9577d2d400adbaa"
},
{
"url": "https://git.kernel.org/stable/c/af77c4fc1871847b528d58b7fdafb4aa1f6a9262"
}
],
"title": "ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry()",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-41016",
"datePublished": "2024-07-29T06:37:02.530Z",
"dateReserved": "2024-07-12T12:17:45.612Z",
"dateUpdated": "2026-05-12T11:56:13.855Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-41096 (GCVE-0-2024-41096)
Vulnerability from cvelistv5 – Published: 2024-07-29 15:48 – Updated: 2026-05-11 20:26
VLAI?
EPSS
Title
PCI/MSI: Fix UAF in msi_capability_init
Summary
In the Linux kernel, the following vulnerability has been resolved:
PCI/MSI: Fix UAF in msi_capability_init
KFENCE reports the following UAF:
BUG: KFENCE: use-after-free read in __pci_enable_msi_range+0x2c0/0x488
Use-after-free read at 0x0000000024629571 (in kfence-#12):
__pci_enable_msi_range+0x2c0/0x488
pci_alloc_irq_vectors_affinity+0xec/0x14c
pci_alloc_irq_vectors+0x18/0x28
kfence-#12: 0x0000000008614900-0x00000000e06c228d, size=104, cache=kmalloc-128
allocated by task 81 on cpu 7 at 10.808142s:
__kmem_cache_alloc_node+0x1f0/0x2bc
kmalloc_trace+0x44/0x138
msi_alloc_desc+0x3c/0x9c
msi_domain_insert_msi_desc+0x30/0x78
msi_setup_msi_desc+0x13c/0x184
__pci_enable_msi_range+0x258/0x488
pci_alloc_irq_vectors_affinity+0xec/0x14c
pci_alloc_irq_vectors+0x18/0x28
freed by task 81 on cpu 7 at 10.811436s:
msi_domain_free_descs+0xd4/0x10c
msi_domain_free_locked.part.0+0xc0/0x1d8
msi_domain_alloc_irqs_all_locked+0xb4/0xbc
pci_msi_setup_msi_irqs+0x30/0x4c
__pci_enable_msi_range+0x2a8/0x488
pci_alloc_irq_vectors_affinity+0xec/0x14c
pci_alloc_irq_vectors+0x18/0x28
Descriptor allocation done in:
__pci_enable_msi_range
msi_capability_init
msi_setup_msi_desc
msi_insert_msi_desc
msi_domain_insert_msi_desc
msi_alloc_desc
...
Freed in case of failure in __msi_domain_alloc_locked()
__pci_enable_msi_range
msi_capability_init
pci_msi_setup_msi_irqs
msi_domain_alloc_irqs_all_locked
msi_domain_alloc_locked
__msi_domain_alloc_locked => fails
msi_domain_free_locked
...
That failure propagates back to pci_msi_setup_msi_irqs() in
msi_capability_init() which accesses the descriptor for unmasking in the
error exit path.
Cure it by copying the descriptor and using the copy for the error exit path
unmask operation.
[ tglx: Massaged change log ]
Severity ?
No CVSS data available.
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
bf6e054e0e3fbc9614355b760e18c8a14f952a4e , < 0ae40b2d0a5de6b045504098e365d4fdff5bbeba
(git)
Affected: bf6e054e0e3fbc9614355b760e18c8a14f952a4e , < ff1121d2214b794dc1772081f27bdd90721a84bc (git) Affected: bf6e054e0e3fbc9614355b760e18c8a14f952a4e , < 45fc8d20e0768ab0a0ad054081d0f68aa3c83976 (git) Affected: bf6e054e0e3fbc9614355b760e18c8a14f952a4e , < 9eee5330656bf92f51cb1f09b2dc9f8cf975b3d1 (git) |
|
| Linux | Linux |
Affected:
5.17
Unaffected: 0 , < 5.17 (semver) Unaffected: 6.1.109 , ≤ 6.1.* (semver) Unaffected: 6.6.37 , ≤ 6.6.* (semver) Unaffected: 6.9.8 , ≤ 6.9.* (semver) Unaffected: 6.10 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T22:00:53.719Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ff1121d2214b794dc1772081f27bdd90721a84bc"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/45fc8d20e0768ab0a0ad054081d0f68aa3c83976"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9eee5330656bf92f51cb1f09b2dc9f8cf975b3d1"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-41096",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T16:20:22.209715Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:33:09.074Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/pci/msi/msi.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "0ae40b2d0a5de6b045504098e365d4fdff5bbeba",
"status": "affected",
"version": "bf6e054e0e3fbc9614355b760e18c8a14f952a4e",
"versionType": "git"
},
{
"lessThan": "ff1121d2214b794dc1772081f27bdd90721a84bc",
"status": "affected",
"version": "bf6e054e0e3fbc9614355b760e18c8a14f952a4e",
"versionType": "git"
},
{
"lessThan": "45fc8d20e0768ab0a0ad054081d0f68aa3c83976",
"status": "affected",
"version": "bf6e054e0e3fbc9614355b760e18c8a14f952a4e",
"versionType": "git"
},
{
"lessThan": "9eee5330656bf92f51cb1f09b2dc9f8cf975b3d1",
"status": "affected",
"version": "bf6e054e0e3fbc9614355b760e18c8a14f952a4e",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/pci/msi/msi.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.17"
},
{
"lessThan": "5.17",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.109",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.37",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.8",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.109",
"versionStartIncluding": "5.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.37",
"versionStartIncluding": "5.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9.8",
"versionStartIncluding": "5.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.10",
"versionStartIncluding": "5.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI/MSI: Fix UAF in msi_capability_init\n\nKFENCE reports the following UAF:\n\n BUG: KFENCE: use-after-free read in __pci_enable_msi_range+0x2c0/0x488\n\n Use-after-free read at 0x0000000024629571 (in kfence-#12):\n __pci_enable_msi_range+0x2c0/0x488\n pci_alloc_irq_vectors_affinity+0xec/0x14c\n pci_alloc_irq_vectors+0x18/0x28\n\n kfence-#12: 0x0000000008614900-0x00000000e06c228d, size=104, cache=kmalloc-128\n\n allocated by task 81 on cpu 7 at 10.808142s:\n __kmem_cache_alloc_node+0x1f0/0x2bc\n kmalloc_trace+0x44/0x138\n msi_alloc_desc+0x3c/0x9c\n msi_domain_insert_msi_desc+0x30/0x78\n msi_setup_msi_desc+0x13c/0x184\n __pci_enable_msi_range+0x258/0x488\n pci_alloc_irq_vectors_affinity+0xec/0x14c\n pci_alloc_irq_vectors+0x18/0x28\n\n freed by task 81 on cpu 7 at 10.811436s:\n msi_domain_free_descs+0xd4/0x10c\n msi_domain_free_locked.part.0+0xc0/0x1d8\n msi_domain_alloc_irqs_all_locked+0xb4/0xbc\n pci_msi_setup_msi_irqs+0x30/0x4c\n __pci_enable_msi_range+0x2a8/0x488\n pci_alloc_irq_vectors_affinity+0xec/0x14c\n pci_alloc_irq_vectors+0x18/0x28\n\nDescriptor allocation done in:\n__pci_enable_msi_range\n msi_capability_init\n msi_setup_msi_desc\n msi_insert_msi_desc\n msi_domain_insert_msi_desc\n msi_alloc_desc\n ...\n\nFreed in case of failure in __msi_domain_alloc_locked()\n__pci_enable_msi_range\n msi_capability_init\n pci_msi_setup_msi_irqs\n msi_domain_alloc_irqs_all_locked\n msi_domain_alloc_locked\n __msi_domain_alloc_locked =\u003e fails\n msi_domain_free_locked\n ...\n\nThat failure propagates back to pci_msi_setup_msi_irqs() in\nmsi_capability_init() which accesses the descriptor for unmasking in the\nerror exit path.\n\nCure it by copying the descriptor and using the copy for the error exit path\nunmask operation.\n\n[ tglx: Massaged change log ]"
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T20:26:08.000Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/0ae40b2d0a5de6b045504098e365d4fdff5bbeba"
},
{
"url": "https://git.kernel.org/stable/c/ff1121d2214b794dc1772081f27bdd90721a84bc"
},
{
"url": "https://git.kernel.org/stable/c/45fc8d20e0768ab0a0ad054081d0f68aa3c83976"
},
{
"url": "https://git.kernel.org/stable/c/9eee5330656bf92f51cb1f09b2dc9f8cf975b3d1"
}
],
"title": "PCI/MSI: Fix UAF in msi_capability_init",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-41096",
"datePublished": "2024-07-29T15:48:09.247Z",
"dateReserved": "2024-07-12T12:17:45.637Z",
"dateUpdated": "2026-05-11T20:26:08.000Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-41098 (GCVE-0-2024-41098)
Vulnerability from cvelistv5 – Published: 2024-07-29 15:48 – Updated: 2026-05-11 20:26
VLAI?
EPSS
Title
ata: libata-core: Fix null pointer dereference on error
Summary
In the Linux kernel, the following vulnerability has been resolved:
ata: libata-core: Fix null pointer dereference on error
If the ata_port_alloc() call in ata_host_alloc() fails,
ata_host_release() will get called.
However, the code in ata_host_release() tries to free ata_port struct
members unconditionally, which can lead to the following:
BUG: unable to handle page fault for address: 0000000000003990
PGD 0 P4D 0
Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI
CPU: 10 PID: 594 Comm: (udev-worker) Not tainted 6.10.0-rc5 #44
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-2.fc40 04/01/2014
RIP: 0010:ata_host_release.cold+0x2f/0x6e [libata]
Code: e4 4d 63 f4 44 89 e2 48 c7 c6 90 ad 32 c0 48 c7 c7 d0 70 33 c0 49 83 c6 0e 41
RSP: 0018:ffffc90000ebb968 EFLAGS: 00010246
RAX: 0000000000000041 RBX: ffff88810fb52e78 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffff88813b3218c0 RDI: ffff88813b3218c0
RBP: ffff88810fb52e40 R08: 0000000000000000 R09: 6c65725f74736f68
R10: ffffc90000ebb738 R11: 73692033203a746e R12: 0000000000000004
R13: 0000000000000000 R14: 0000000000000011 R15: 0000000000000006
FS: 00007f6cc55b9980(0000) GS:ffff88813b300000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000003990 CR3: 00000001122a2000 CR4: 0000000000750ef0
PKRU: 55555554
Call Trace:
<TASK>
? __die_body.cold+0x19/0x27
? page_fault_oops+0x15a/0x2f0
? exc_page_fault+0x7e/0x180
? asm_exc_page_fault+0x26/0x30
? ata_host_release.cold+0x2f/0x6e [libata]
? ata_host_release.cold+0x2f/0x6e [libata]
release_nodes+0x35/0xb0
devres_release_group+0x113/0x140
ata_host_alloc+0xed/0x120 [libata]
ata_host_alloc_pinfo+0x14/0xa0 [libata]
ahci_init_one+0x6c9/0xd20 [ahci]
Do not access ata_port struct members unconditionally.
Severity ?
No CVSS data available.
Assigner
References
8 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
633273a3ed1cf37ced90475b0f95cf81deab04f1 , < d9c4df80b1b009de1eb77c07e3bb4d45bd212aa5
(git)
Affected: 633273a3ed1cf37ced90475b0f95cf81deab04f1 , < 56e62977eaaae3eb7122ee2cf9b720b6703114a9 (git) Affected: 633273a3ed1cf37ced90475b0f95cf81deab04f1 , < e83405e75d90694ee6a5d898f7f0473ac2686054 (git) Affected: 633273a3ed1cf37ced90475b0f95cf81deab04f1 , < 221e3b1297e74fdec32d0f572f4dcb2260a0a2af (git) Affected: 633273a3ed1cf37ced90475b0f95cf81deab04f1 , < 0f0d37c154bb108730c90a91aa31e3170e827962 (git) Affected: 633273a3ed1cf37ced90475b0f95cf81deab04f1 , < 119c97ace2a9ffcf4dc09a23bb057d6c281aff28 (git) Affected: 633273a3ed1cf37ced90475b0f95cf81deab04f1 , < 8a8ff7e3b736a70d7b7c8764cbcd2724d4079ec8 (git) Affected: 633273a3ed1cf37ced90475b0f95cf81deab04f1 , < 5d92c7c566dc76d96e0e19e481d926bbe6631c1e (git) |
|
| Linux | Linux |
Affected:
2.6.24
Unaffected: 0 , < 2.6.24 (semver) Unaffected: 4.19.321 , ≤ 4.19.* (semver) Unaffected: 5.4.283 , ≤ 5.4.* (semver) Unaffected: 5.10.225 , ≤ 5.10.* (semver) Unaffected: 5.15.166 , ≤ 5.15.* (semver) Unaffected: 6.1.108 , ≤ 6.1.* (semver) Unaffected: 6.6.37 , ≤ 6.6.* (semver) Unaffected: 6.9.8 , ≤ 6.9.* (semver) Unaffected: 6.10 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T22:00:58.128Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/119c97ace2a9ffcf4dc09a23bb057d6c281aff28"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8a8ff7e3b736a70d7b7c8764cbcd2724d4079ec8"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5d92c7c566dc76d96e0e19e481d926bbe6631c1e"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-41098",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T16:20:15.779725Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:33:08.738Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/ata/libata-core.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "d9c4df80b1b009de1eb77c07e3bb4d45bd212aa5",
"status": "affected",
"version": "633273a3ed1cf37ced90475b0f95cf81deab04f1",
"versionType": "git"
},
{
"lessThan": "56e62977eaaae3eb7122ee2cf9b720b6703114a9",
"status": "affected",
"version": "633273a3ed1cf37ced90475b0f95cf81deab04f1",
"versionType": "git"
},
{
"lessThan": "e83405e75d90694ee6a5d898f7f0473ac2686054",
"status": "affected",
"version": "633273a3ed1cf37ced90475b0f95cf81deab04f1",
"versionType": "git"
},
{
"lessThan": "221e3b1297e74fdec32d0f572f4dcb2260a0a2af",
"status": "affected",
"version": "633273a3ed1cf37ced90475b0f95cf81deab04f1",
"versionType": "git"
},
{
"lessThan": "0f0d37c154bb108730c90a91aa31e3170e827962",
"status": "affected",
"version": "633273a3ed1cf37ced90475b0f95cf81deab04f1",
"versionType": "git"
},
{
"lessThan": "119c97ace2a9ffcf4dc09a23bb057d6c281aff28",
"status": "affected",
"version": "633273a3ed1cf37ced90475b0f95cf81deab04f1",
"versionType": "git"
},
{
"lessThan": "8a8ff7e3b736a70d7b7c8764cbcd2724d4079ec8",
"status": "affected",
"version": "633273a3ed1cf37ced90475b0f95cf81deab04f1",
"versionType": "git"
},
{
"lessThan": "5d92c7c566dc76d96e0e19e481d926bbe6631c1e",
"status": "affected",
"version": "633273a3ed1cf37ced90475b0f95cf81deab04f1",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/ata/libata-core.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "2.6.24"
},
{
"lessThan": "2.6.24",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.321",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.283",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.225",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.166",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.108",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.37",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.8",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.19.321",
"versionStartIncluding": "2.6.24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.283",
"versionStartIncluding": "2.6.24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.225",
"versionStartIncluding": "2.6.24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.166",
"versionStartIncluding": "2.6.24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.108",
"versionStartIncluding": "2.6.24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.37",
"versionStartIncluding": "2.6.24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9.8",
"versionStartIncluding": "2.6.24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.10",
"versionStartIncluding": "2.6.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nata: libata-core: Fix null pointer dereference on error\n\nIf the ata_port_alloc() call in ata_host_alloc() fails,\nata_host_release() will get called.\n\nHowever, the code in ata_host_release() tries to free ata_port struct\nmembers unconditionally, which can lead to the following:\n\nBUG: unable to handle page fault for address: 0000000000003990\nPGD 0 P4D 0\nOops: Oops: 0000 [#1] PREEMPT SMP NOPTI\nCPU: 10 PID: 594 Comm: (udev-worker) Not tainted 6.10.0-rc5 #44\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-2.fc40 04/01/2014\nRIP: 0010:ata_host_release.cold+0x2f/0x6e [libata]\nCode: e4 4d 63 f4 44 89 e2 48 c7 c6 90 ad 32 c0 48 c7 c7 d0 70 33 c0 49 83 c6 0e 41\nRSP: 0018:ffffc90000ebb968 EFLAGS: 00010246\nRAX: 0000000000000041 RBX: ffff88810fb52e78 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: ffff88813b3218c0 RDI: ffff88813b3218c0\nRBP: ffff88810fb52e40 R08: 0000000000000000 R09: 6c65725f74736f68\nR10: ffffc90000ebb738 R11: 73692033203a746e R12: 0000000000000004\nR13: 0000000000000000 R14: 0000000000000011 R15: 0000000000000006\nFS: 00007f6cc55b9980(0000) GS:ffff88813b300000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000003990 CR3: 00000001122a2000 CR4: 0000000000750ef0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? __die_body.cold+0x19/0x27\n ? page_fault_oops+0x15a/0x2f0\n ? exc_page_fault+0x7e/0x180\n ? asm_exc_page_fault+0x26/0x30\n ? ata_host_release.cold+0x2f/0x6e [libata]\n ? ata_host_release.cold+0x2f/0x6e [libata]\n release_nodes+0x35/0xb0\n devres_release_group+0x113/0x140\n ata_host_alloc+0xed/0x120 [libata]\n ata_host_alloc_pinfo+0x14/0xa0 [libata]\n ahci_init_one+0x6c9/0xd20 [ahci]\n\nDo not access ata_port struct members unconditionally."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T20:26:10.378Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/d9c4df80b1b009de1eb77c07e3bb4d45bd212aa5"
},
{
"url": "https://git.kernel.org/stable/c/56e62977eaaae3eb7122ee2cf9b720b6703114a9"
},
{
"url": "https://git.kernel.org/stable/c/e83405e75d90694ee6a5d898f7f0473ac2686054"
},
{
"url": "https://git.kernel.org/stable/c/221e3b1297e74fdec32d0f572f4dcb2260a0a2af"
},
{
"url": "https://git.kernel.org/stable/c/0f0d37c154bb108730c90a91aa31e3170e827962"
},
{
"url": "https://git.kernel.org/stable/c/119c97ace2a9ffcf4dc09a23bb057d6c281aff28"
},
{
"url": "https://git.kernel.org/stable/c/8a8ff7e3b736a70d7b7c8764cbcd2724d4079ec8"
},
{
"url": "https://git.kernel.org/stable/c/5d92c7c566dc76d96e0e19e481d926bbe6631c1e"
}
],
"title": "ata: libata-core: Fix null pointer dereference on error",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-41098",
"datePublished": "2024-07-29T15:48:11.093Z",
"dateReserved": "2024-07-12T12:17:45.637Z",
"dateUpdated": "2026-05-11T20:26:10.378Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-42228 (GCVE-0-2024-42228)
Vulnerability from cvelistv5 – Published: 2024-07-30 07:47 – Updated: 2026-05-11 20:28
VLAI?
EPSS
Title
drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc
Summary
In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc
Initialize the size before calling amdgpu_vce_cs_reloc, such as case 0x03000001.
V2: To really improve the handling we would actually
need to have a separate value of 0xffffffff.(Christian)
Severity ?
No CVSS data available.
Assigner
References
8 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
d38ceaf99ed015f2a0b9af3499791bd3a3daae21 , < d35cf41c8eb5d9fe95b21ae6ee2910f9ba4878e8
(git)
Affected: d38ceaf99ed015f2a0b9af3499791bd3a3daae21 , < 3b505759447637dcccb50cbd98ec6f8d2a04fc46 (git) Affected: d38ceaf99ed015f2a0b9af3499791bd3a3daae21 , < df02642c21c984303fe34c3f7d72965792fb1a15 (git) Affected: d38ceaf99ed015f2a0b9af3499791bd3a3daae21 , < da6a85d197888067e8d38b5d22c986b5b5cab712 (git) Affected: d38ceaf99ed015f2a0b9af3499791bd3a3daae21 , < 9ee1534ecdd5b4c013064663502d7fde824d2144 (git) Affected: d38ceaf99ed015f2a0b9af3499791bd3a3daae21 , < 855ae72c20310e5402b2317fc537d911e87537ef (git) Affected: d38ceaf99ed015f2a0b9af3499791bd3a3daae21 , < f8f120b3de48b8b6bdf8988a9b334c2d61c17440 (git) Affected: d38ceaf99ed015f2a0b9af3499791bd3a3daae21 , < 88a9a467c548d0b3c7761b4fd54a68e70f9c0944 (git) |
|
| Linux | Linux |
Affected:
4.2
Unaffected: 0 , < 4.2 (semver) Unaffected: 4.19.321 , ≤ 4.19.* (semver) Unaffected: 5.4.283 , ≤ 5.4.* (semver) Unaffected: 5.10.225 , ≤ 5.10.* (semver) Unaffected: 5.15.166 , ≤ 5.15.* (semver) Unaffected: 6.1.108 , ≤ 6.1.* (semver) Unaffected: 6.6.39 , ≤ 6.6.* (semver) Unaffected: 6.9.9 , ≤ 6.9.* (semver) Unaffected: 6.10 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T22:02:31.909Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/855ae72c20310e5402b2317fc537d911e87537ef"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f8f120b3de48b8b6bdf8988a9b334c2d61c17440"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/88a9a467c548d0b3c7761b4fd54a68e70f9c0944"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-42228",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T16:14:31.551012Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:33.081Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/amd/amdgpu/amdgpu_vce.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "d35cf41c8eb5d9fe95b21ae6ee2910f9ba4878e8",
"status": "affected",
"version": "d38ceaf99ed015f2a0b9af3499791bd3a3daae21",
"versionType": "git"
},
{
"lessThan": "3b505759447637dcccb50cbd98ec6f8d2a04fc46",
"status": "affected",
"version": "d38ceaf99ed015f2a0b9af3499791bd3a3daae21",
"versionType": "git"
},
{
"lessThan": "df02642c21c984303fe34c3f7d72965792fb1a15",
"status": "affected",
"version": "d38ceaf99ed015f2a0b9af3499791bd3a3daae21",
"versionType": "git"
},
{
"lessThan": "da6a85d197888067e8d38b5d22c986b5b5cab712",
"status": "affected",
"version": "d38ceaf99ed015f2a0b9af3499791bd3a3daae21",
"versionType": "git"
},
{
"lessThan": "9ee1534ecdd5b4c013064663502d7fde824d2144",
"status": "affected",
"version": "d38ceaf99ed015f2a0b9af3499791bd3a3daae21",
"versionType": "git"
},
{
"lessThan": "855ae72c20310e5402b2317fc537d911e87537ef",
"status": "affected",
"version": "d38ceaf99ed015f2a0b9af3499791bd3a3daae21",
"versionType": "git"
},
{
"lessThan": "f8f120b3de48b8b6bdf8988a9b334c2d61c17440",
"status": "affected",
"version": "d38ceaf99ed015f2a0b9af3499791bd3a3daae21",
"versionType": "git"
},
{
"lessThan": "88a9a467c548d0b3c7761b4fd54a68e70f9c0944",
"status": "affected",
"version": "d38ceaf99ed015f2a0b9af3499791bd3a3daae21",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/amd/amdgpu/amdgpu_vce.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.2"
},
{
"lessThan": "4.2",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.321",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.283",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.225",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.166",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.108",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.39",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.9",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.19.321",
"versionStartIncluding": "4.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.283",
"versionStartIncluding": "4.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.225",
"versionStartIncluding": "4.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.166",
"versionStartIncluding": "4.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.108",
"versionStartIncluding": "4.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.39",
"versionStartIncluding": "4.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9.9",
"versionStartIncluding": "4.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.10",
"versionStartIncluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc\n\nInitialize the size before calling amdgpu_vce_cs_reloc, such as case 0x03000001.\nV2: To really improve the handling we would actually\n need to have a separate value of 0xffffffff.(Christian)"
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T20:28:17.128Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/d35cf41c8eb5d9fe95b21ae6ee2910f9ba4878e8"
},
{
"url": "https://git.kernel.org/stable/c/3b505759447637dcccb50cbd98ec6f8d2a04fc46"
},
{
"url": "https://git.kernel.org/stable/c/df02642c21c984303fe34c3f7d72965792fb1a15"
},
{
"url": "https://git.kernel.org/stable/c/da6a85d197888067e8d38b5d22c986b5b5cab712"
},
{
"url": "https://git.kernel.org/stable/c/9ee1534ecdd5b4c013064663502d7fde824d2144"
},
{
"url": "https://git.kernel.org/stable/c/855ae72c20310e5402b2317fc537d911e87537ef"
},
{
"url": "https://git.kernel.org/stable/c/f8f120b3de48b8b6bdf8988a9b334c2d61c17440"
},
{
"url": "https://git.kernel.org/stable/c/88a9a467c548d0b3c7761b4fd54a68e70f9c0944"
}
],
"title": "drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-42228",
"datePublished": "2024-07-30T07:47:08.955Z",
"dateReserved": "2024-07-30T07:40:12.250Z",
"dateUpdated": "2026-05-11T20:28:17.128Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…