Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2024-46868

Опубликовано: 27 сент. 2024
Источник: redhat
CVSS3: 4.4
EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: Fix deadlock in qcuefi_acquire() If the __qcuefi pointer is not set, then in the original code, we would hold onto the lock. That means that if we tried to set it later, then it would cause a deadlock. Drop the lock on the error path. That's what all the callers are expecting.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernelNot affected
Red Hat Enterprise Linux 7kernel-rtNot affected
Red Hat Enterprise Linux 8kernelNot affected
Red Hat Enterprise Linux 8kernel-rtNot affected
Red Hat Enterprise Linux 9kernelNot affected
Red Hat Enterprise Linux 9kernel-rtNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-833
https://bugzilla.redhat.com/show_bug.cgi?id=2315220kernel: firmware: qcom: uefisecapp: Fix deadlock in qcuefi_acquire()

EPSS

Процентиль: 12%
0.0004
Низкий

4.4 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2024-46868

CVSS3: 5.5
ubuntu
больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: Fix deadlock in qcuefi_acquire() If the __qcuefi pointer is not set, then in the original code, we would hold onto the lock. That means that if we tried to set it later, then it would cause a deadlock. Drop the lock on the error path. That's what all the callers are expecting.

nvd логотип

CVE-2024-46868

CVSS3: 5.5
nvd
больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: Fix deadlock in qcuefi_acquire() If the __qcuefi pointer is not set, then in the original code, we would hold onto the lock. That means that if we tried to set it later, then it would cause a deadlock. Drop the lock on the error path. That's what all the callers are expecting.

debian логотип

CVE-2024-46868

CVSS3: 5.5
debian
больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: f ...

github логотип

GHSA-76f2-qj4m-vmqr

CVSS3: 5.5
github
больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: Fix deadlock in qcuefi_acquire() If the __qcuefi pointer is not set, then in the original code, we would hold onto the lock. That means that if we tried to set it later, then it would cause a deadlock. Drop the lock on the error path. That's what all the callers are expecting.

fstec логотип

BDU:2025-04636

CVSS3: 5.5
fstec
больше 1 года назад

Уязвимость функции qcuefi_set_reference() ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 12%
0.0004
Низкий

4.4 Medium

CVSS3