CVE-2024-24856 - CERT CVE
ID CVE-2024-24856
Sažetak The memory allocation function ACPI_ALLOCATE_ZEROED does not guarantee a successful allocation, but the subsequent code directly dereferences the pointer that receives it, which may lead to null pointer dereference. To fix this issue, a null pointer check should be added. If it is null, return exception code AE_NO_MEMORY.
Reference
CVSS
Base: 5.3
Impact: 4.0
Exploitability:0.8
Pristup
VektorSloženostAutentikacija
LOCAL HIGH LOW
Impact
PovjerljivostCjelovitostDostupnost
NONE NONE HIGH
CVSS vektor CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:N/A:H
Zadnje važnije ažuriranje 29-05-2024 - 08:15
Objavljeno 17-04-2024 - 09:15