5.5

CVE-2024-27025

nbd: null check for nla_nest_start

In the Linux kernel, the following vulnerability has been resolved:

nbd: null check for nla_nest_start

nla_nest_start() may fail and return NULL. Insert a check and set errno
based on other call sites within the same source code.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.12 < 5.4.273
LinuxLinux Kernel Version >= 5.5 < 5.10.214
LinuxLinux Kernel Version >= 5.11 < 5.15.153
LinuxLinux Kernel Version >= 5.16 < 6.1.83
LinuxLinux Kernel Version >= 6.2 < 6.6.23
LinuxLinux Kernel Version >= 6.7 < 6.7.11
LinuxLinux Kernel Version >= 6.8 < 6.8.2
DebianDebian Linux Version10.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.29% 0.206
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
Third Party Advisory
Mailing List
https://git.kernel.org/stable/c/31edf4bbe0ba27fd03ac7d87eb2ee3d2a231af6d
Patch
https://git.kernel.org/stable/c/44214d744be32a4769faebba764510888f1eb19e
Patch
https://git.kernel.org/stable/c/4af837db0fd3679fabc7b7758397090b0c06dced
Patch
https://git.kernel.org/stable/c/96436365e5d80d0106ea785a4f80a58e7c9edff8
Patch
https://git.kernel.org/stable/c/98e60b538e66c90b9a856828c71d4e975ebfa797
Patch
https://git.kernel.org/stable/c/b7f5aed55829f376e4f7e5ea5b80ccdcb023e983
Patch
https://git.kernel.org/stable/c/ba6a9970ce9e284cbc04099361c58731e308596a
Patch
https://git.kernel.org/stable/c/e803040b368d046434fbc8a91945c690332c4fcf
Patch
https://cert-portal.siemens.com/productcert/html/ssa-265688.html