5.5

CVE-2024-35813

mmc: core: Avoid negative index with array access

In the Linux kernel, the following vulnerability has been resolved:

mmc: core: Avoid negative index with array access

Commit 4d0c8d0aef63 ("mmc: core: Use mrq.sbc in close-ended ffu") assigns
prev_idata = idatas[i - 1], but doesn't check that the iterator i is
greater than zero. Let's fix this by adding a check.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.4.269 < 5.4.274
LinuxLinux Kernel Version >= 5.10.210 < 5.10.215
LinuxLinux Kernel Version >= 5.15.149 < 5.15.154
LinuxLinux Kernel Version >= 6.1.76 < 6.1.84
LinuxLinux Kernel Version >= 6.6.15 < 6.6.24
LinuxLinux Kernel Version >= 6.7.3 < 6.7.12
LinuxLinux Kernel Version >= 6.8 < 6.8.3
LinuxLinux Kernel Version6.9 Updaterc1
DebianDebian Linux Version10.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.24% 0.145
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
Third Party Advisory
https://git.kernel.org/stable/c/064db53f9023a2d5877a2d12de6bc27995f6ca56
Patch
https://git.kernel.org/stable/c/2b539c88940e22494da80a93ee1c5a28bbad10f6
Patch
https://git.kernel.org/stable/c/4466677dcabe2d70de6aa3d4bd4a4fafa94a71f2
Patch
https://git.kernel.org/stable/c/7d0e8a6147550aa058fa6ade8583ad252aa61304
Patch
https://git.kernel.org/stable/c/81b8645feca08a54c7c4bf36e7b176f4983b2f28
Patch
https://git.kernel.org/stable/c/ad9cc5e9e53ab94aa0c7ac65d43be7eb208dcb55
Patch
https://git.kernel.org/stable/c/b9a7339ae403035ffe7fc37cb034b36947910f68
Patch
https://git.kernel.org/stable/c/cf55a7acd1ed38afe43bba1c8a0935b51d1dc014
Patch
https://cert-portal.siemens.com/productcert/html/ssa-265688.html