CVE-2024-56767

Sažetak

In the Linux kernel, the following vulnerability has been resolved: dmaengine: at_xdmac: avoid null_prt_deref in at_xdmac_prep_dma_memset The at_xdmac_memset_create_desc may return NULL, which will lead to a null pointer dereference. For example, the len input is error, or the atchan->free_descs_list is empty and memory is exhausted. Therefore, add check to avoid this.

Reference

https://git.kernel.org/stable/c/54376d8d26596f98ed7432a788314bb9154bf3e3
https://git.kernel.org/stable/c/c43ec96e8d34399bd9dab2f2dc316b904892133f
https://git.kernel.org/stable/c/e658f1c133b854b2ae799147301d82dddb8f3162
https://git.kernel.org/stable/c/fdba6d5e455388377ec7e82a5913ddfcc7edd93b

CVSS

Base:	5.5
Impact:	3.6
Exploitability:	1.8

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	LOW

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	HIGH

CVSS vektor

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Zadnje važnije ažuriranje

07-01-2025 - 22:51

Objavljeno

06-01-2025 - 17:15