CVE-2024-53103

Опубликовано: 02 дек. 2024

Источник: redhat

CVSS3: 6.3

EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved: hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer When hvs is released, there is a possibility that vsk->trans may not be initialized to NULL, which could lead to a dangling pointer. This issue is resolved by initializing vsk->trans to NULL.

Отчет

This issue is considered to be a moderate impact flaw, as the exploitation in this will not cause an Intigrity (I:L) threat with the available usecase.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 6	kernel	Not affected
Red Hat Enterprise Linux 7	kernel	Out of support scope
Red Hat Enterprise Linux 7	kernel-rt	Out of support scope
Red Hat Enterprise Linux 8	kernel	Will not fix
Red Hat Enterprise Linux 8	kernel-rt	Will not fix
Red Hat Enterprise Linux 9	kernel-rt	Affected
Red Hat Enterprise Linux 9	kernel	Fixed	RHSA-2025:6966	13.05.2025
Red Hat Enterprise Linux 9	kernel	Fixed	RHSA-2025:6966	13.05.2025

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-416

https://bugzilla.redhat.com/show_bug.cgi?id=2329818kernel: hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer

EPSS

Процентиль: 7%

0.00031

Низкий

6.3 Medium

CVSS3

Связанные уязвимости

CVE-2024-53103

CVSS3: 7.8

ubuntu

7 месяцев назад

CVE-2024-53103

CVSS3: 7.8

nvd

7 месяцев назад

CVE-2024-53103

CVSS3: 7.8

msrc

5 месяцев назад

Описание отсутствует

CVE-2024-53103

CVSS3: 7.8

debian

7 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: h ...

GHSA-m934-94j6-4844

CVSS3: 7.8

github

7 месяцев назад

EPSS

Процентиль: 7%

0.00031

Низкий

6.3 Medium

CVSS3