Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2024-36890

Опубликовано: 30 мая 2024
Источник: redhat
CVSS3: 5.5
EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved: mm/slab: make __free(kfree) accept error pointers Currently, if an automatically freed allocation is an error pointer that will lead to a crash. An example of this is in wm831x_gpio_dbg_show(). 171char *label __free(kfree) = gpiochip_dup_line_label(chip, i); 172if (IS_ERR(label)) { 173dev_err(wm831x->dev, "Failed to duplicate label\n"); 174continue; 175 } The auto clean up function should check for error pointers as well, otherwise we're going to keep hitting issues like this.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernelNot affected
Red Hat Enterprise Linux 7kernel-rtNot affected
Red Hat Enterprise Linux 8kernelNot affected
Red Hat Enterprise Linux 8kernel-rtNot affected
Red Hat Enterprise Linux 9kernelNot affected
Red Hat Enterprise Linux 9kernel-rtNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-20
https://bugzilla.redhat.com/show_bug.cgi?id=2284569kernel: mm/slab: make __free(kfree) accept error pointers

EPSS

Процентиль: 34%
0.00131
Низкий

5.5 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2024-36890

ubuntu
около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: mm/slab: make __free(kfree) accept error pointers Currently, if an automatically freed allocation is an error pointer that will lead to a crash. An example of this is in wm831x_gpio_dbg_show(). 171 char *label __free(kfree) = gpiochip_dup_line_label(chip, i); 172 if (IS_ERR(label)) { 173 dev_err(wm831x->dev, "Failed to duplicate label\n"); 174 continue; 175 } The auto clean up function should check for error pointers as well, otherwise we're going to keep hitting issues like this.

nvd логотип

CVE-2024-36890

nvd
около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: mm/slab: make __free(kfree) accept error pointers Currently, if an automatically freed allocation is an error pointer that will lead to a crash. An example of this is in wm831x_gpio_dbg_show(). 171 char *label __free(kfree) = gpiochip_dup_line_label(chip, i); 172 if (IS_ERR(label)) { 173 dev_err(wm831x->dev, "Failed to duplicate label\n"); 174 continue; 175 } The auto clean up function should check for error pointers as well, otherwise we're going to keep hitting issues like this.

debian логотип

CVE-2024-36890

debian
около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: m ...

fstec логотип

BDU:2024-10705

CVSS3: 5.5
fstec
около 1 года назад

Уязвимость компонентов mm/slab ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

oracle-oval логотип

ELSA-2024-12682

oracle-oval
9 месяцев назад

ELSA-2024-12682: Unbreakable Enterprise kernel security update (IMPORTANT)

EPSS

Процентиль: 34%
0.00131
Низкий

5.5 Medium

CVSS3

Уязвимость CVE-2024-36890