Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2024-36953

Опубликовано: 30 мая 2024
Источник: redhat
CVSS3: 4.4
EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr() vgic_v2_parse_attr() is responsible for finding the vCPU that matches the user-provided CPUID, which (of course) may not be valid. If the ID is invalid, kvm_get_vcpu_by_id() returns NULL, which isn't handled gracefully. Similar to the GICv3 uaccess flow, check that kvm_get_vcpu_by_id() actually returns something and fail the ioctl if not.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6kernelOut of support scope
Red Hat Enterprise Linux 7kernelNot affected
Red Hat Enterprise Linux 7kernel-rtNot affected
Red Hat Enterprise Linux 9kernelNot affected
Red Hat Enterprise Linux 9kernel-rtNot affected
Red Hat Enterprise Linux 8kernel-rtFixedRHSA-2024:700124.09.2024
Red Hat Enterprise Linux 8kernelFixedRHSA-2024:700024.09.2024

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-158
https://bugzilla.redhat.com/show_bug.cgi?id=2284596kernel: KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr()

EPSS

Процентиль: 25%
0.00083
Низкий

4.4 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2024-36953

CVSS3: 4.4
ubuntu
около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr() vgic_v2_parse_attr() is responsible for finding the vCPU that matches the user-provided CPUID, which (of course) may not be valid. If the ID is invalid, kvm_get_vcpu_by_id() returns NULL, which isn't handled gracefully. Similar to the GICv3 uaccess flow, check that kvm_get_vcpu_by_id() actually returns something and fail the ioctl if not.

nvd логотип

CVE-2024-36953

CVSS3: 4.4
nvd
около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr() vgic_v2_parse_attr() is responsible for finding the vCPU that matches the user-provided CPUID, which (of course) may not be valid. If the ID is invalid, kvm_get_vcpu_by_id() returns NULL, which isn't handled gracefully. Similar to the GICv3 uaccess flow, check that kvm_get_vcpu_by_id() actually returns something and fail the ioctl if not.

debian логотип

CVE-2024-36953

CVSS3: 4.4
debian
около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: K ...

fstec логотип

BDU:2024-10754

CVSS3: 4.4
fstec
около 1 года назад

Уязвимость компонента vgic-v2 ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

redos логотип

ROS-20241129-02

CVSS3: 8.8
redos
7 месяцев назад

Множественные уязвимости kernel-lt

EPSS

Процентиль: 25%
0.00083
Низкий

4.4 Medium

CVSS3