5.5

CVE-2023-52690

powerpc/powernv: Add a null pointer check to scom_debug_init_one()

In the Linux kernel, the following vulnerability has been resolved:

powerpc/powernv: Add a null pointer check to scom_debug_init_one()

kasprintf() returns a pointer to dynamically allocated memory
which can be NULL upon failure.
Add a null pointer check, and release 'ent' to avoid memory leaks.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.4 < 5.4.268
LinuxLinux Kernel Version >= 5.5 < 5.10.209
LinuxLinux Kernel Version >= 5.11 < 5.15.148
LinuxLinux Kernel Version >= 5.16 < 6.1.75
LinuxLinux Kernel Version >= 6.2 < 6.6.14
LinuxLinux Kernel Version >= 6.7 < 6.7.2
DebianDebian Linux Version10.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.24% 0.143
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html
Mailing List
https://git.kernel.org/stable/c/1eefa93faf69188540b08b024794fa90b1d82e8b
Patch
Mailing List
https://git.kernel.org/stable/c/2a82c4439b903639e0a1f21990cd399fb0a49c19
Patch
Mailing List
https://git.kernel.org/stable/c/9a260f2dd827bbc82cc60eb4f4d8c22707d80742
Patch
Mailing List
https://git.kernel.org/stable/c/a9c05cbb6644a2103c75b6906e9dafb9981ebd13
Patch
Mailing List
https://git.kernel.org/stable/c/dd8422ff271c22058560832fc3006324ded895a9
Patch
Mailing List
https://git.kernel.org/stable/c/ed8d023cfa97b559db58c0e1afdd2eec7a83d8f2
Patch
Mailing List
https://git.kernel.org/stable/c/f84c1446daa552e9699da8d1f8375eac0f65edc7
Patch
Mailing List