Описание
create_empty_lvol in drivers/mtd/ubi/vtbl.c in the Linux kernel through 6.7.4 can attempt to allocate zero bytes, and crash, because of a missing check for ubi->leb_size.
A flaw was found in the Linux kernel. The create_empty_lvol function in the drivers/mtd/ubi/vtbl.c file can attempt to allocate zero bytes of memory when the LEB size is smaller than a single volume table record. This issue can result in a denial of service.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | kernel | Out of support scope | ||
| Red Hat Enterprise Linux 7 | kernel | Out of support scope | ||
| Red Hat Enterprise Linux 7 | kernel-rt | Out of support scope | ||
| Red Hat Enterprise Linux 9 | kernel-rt | Affected | ||
| Red Hat Enterprise Linux 8 | kernel-rt | Fixed | RHSA-2024:5102 | 08.08.2024 |
| Red Hat Enterprise Linux 8 | kernel | Fixed | RHSA-2024:5101 | 08.08.2024 |
| Red Hat Enterprise Linux 9 | kernel | Fixed | RHSA-2024:9315 | 12.11.2024 |
| Red Hat Enterprise Linux 9 | kernel | Fixed | RHSA-2024:9315 | 12.11.2024 |
| Red Hat Enterprise Linux 9.4 Extended Update Support | kernel | Fixed | RHSA-2025:4509 | 06.05.2025 |
Показывать по
Дополнительная информация
Статус:
EPSS
5.5 Medium
CVSS3
Связанные уязвимости
create_empty_lvol in drivers/mtd/ubi/vtbl.c in the Linux kernel through 6.7.4 can attempt to allocate zero bytes, and crash, because of a missing check for ubi->leb_size.
create_empty_lvol in drivers/mtd/ubi/vtbl.c in the Linux kernel through 6.7.4 can attempt to allocate zero bytes, and crash, because of a missing check for ubi->leb_size.
create_empty_lvol in drivers/mtd/ubi/vtbl.c in the Linux kernel throug ...
create_empty_lvol in drivers/mtd/ubi/vtbl.c in the Linux kernel through 6.7.4 can attempt to allocate zero bytes, and crash, because of a missing check for ubi->leb_size.
EPSS
5.5 Medium
CVSS3