CVE-2024-27025

Sažetak

In the Linux kernel, the following vulnerability has been resolved: nbd: null check for nla_nest_start nla_nest_start() may fail and return NULL. Insert a check and set errno based on other call sites within the same source code.

Reference

https://git.kernel.org/stable/c/31edf4bbe0ba27fd03ac7d87eb2ee3d2a231af6d
https://git.kernel.org/stable/c/44214d744be32a4769faebba764510888f1eb19e
https://git.kernel.org/stable/c/4af837db0fd3679fabc7b7758397090b0c06dced
https://git.kernel.org/stable/c/96436365e5d80d0106ea785a4f80a58e7c9edff8
https://git.kernel.org/stable/c/98e60b538e66c90b9a856828c71d4e975ebfa797
https://git.kernel.org/stable/c/b7f5aed55829f376e4f7e5ea5b80ccdcb023e983
https://git.kernel.org/stable/c/ba6a9970ce9e284cbc04099361c58731e308596a
https://git.kernel.org/stable/c/e803040b368d046434fbc8a91945c690332c4fcf
https://git.kernel.org/stable/c/31edf4bbe0ba27fd03ac7d87eb2ee3d2a231af6d
https://git.kernel.org/stable/c/44214d744be32a4769faebba764510888f1eb19e
https://git.kernel.org/stable/c/4af837db0fd3679fabc7b7758397090b0c06dced
https://git.kernel.org/stable/c/96436365e5d80d0106ea785a4f80a58e7c9edff8
https://git.kernel.org/stable/c/98e60b538e66c90b9a856828c71d4e975ebfa797
https://git.kernel.org/stable/c/b7f5aed55829f376e4f7e5ea5b80ccdcb023e983
https://git.kernel.org/stable/c/ba6a9970ce9e284cbc04099361c58731e308596a
https://git.kernel.org/stable/c/e803040b368d046434fbc8a91945c690332c4fcf
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html

CVSS

Base:	5.5
Impact:	3.6
Exploitability:	1.8

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	LOW

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	HIGH

CVSS vektor

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Zadnje važnije ažuriranje

23-12-2024 - 19:24

Objavljeno

01-05-2024 - 13:15