CVE-2024-35813

EPSS 0.05%
Published 17.05.2024 14:15:15
Last modified 21.11.2024 09:20:57
Source 416baaa9-dc9f-4396-8d5f-8c081f
Teams watchlist Login
Open Login

In the Linux kernel, the following vulnerability has been resolved:

mmc: core: Avoid negative index with array access

Commit 4d0c8d0aef63 ("mmc: core: Use mrq.sbc in close-ended ffu") assigns
prev_idata = idatas[i - 1], but doesn't check that the iterator i is
greater than zero. Let's fix this by adding a check.

Affected products Warnungen 0 Metrics 1 CWE 0 References 12

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

This information is available to logged-in users.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

VendorLinux

≫

Product Linux

Default Statusunaffected

Version < b9a7339ae403035ffe7fc37cb034b36947910f68

Version f49f9e802785291149bdc9c824414de4604226b4

Status affected

Version < 2b539c88940e22494da80a93ee1c5a28bbad10f6

Version 59020bf0999ff7da8aedcd00ef8f0d75d93b6d20

Status affected

Version < 81b8645feca08a54c7c4bf36e7b176f4983b2f28

Version 50b8b7a22e90bab9f1949b64a88ff17ab10913ec

Status affected

Version < ad9cc5e9e53ab94aa0c7ac65d43be7eb208dcb55

Version c4edcd134bb72b3b0acc884612d624e48c9d057f

Status affected

Version < 4466677dcabe2d70de6aa3d4bd4a4fafa94a71f2

Version 1653a8102868264f3488c298a9f20af2add9a288

Status affected

Version < 064db53f9023a2d5877a2d12de6bc27995f6ca56

Version eed9119f8f8e8fbf225c08abdbb58597fba807e0

Status affected

Version < 7d0e8a6147550aa058fa6ade8583ad252aa61304

Version 4d0c8d0aef6355660b6775d57ccd5d4ea2e15802

Status affected

Version < cf55a7acd1ed38afe43bba1c8a0935b51d1dc014

Version 4d0c8d0aef6355660b6775d57ccd5d4ea2e15802

Status affected

VendorLinux

≫

Product Linux

Default Statusaffected

Version 6.8

Status affected

Version < 6.8

Version 0

Status unaffected

Version <= 5.4.*

Version 5.4.274

Status unaffected

Version <= 5.10.*

Version 5.10.215

Status unaffected

Version <= 5.15.*

Version 5.15.154

Status unaffected

Version <= 6.1.*

Version 6.1.84

Status unaffected

Version <= 6.6.*

Version 6.6.24

Status unaffected

Version <= 6.7.*

Version 6.7.12

Status unaffected

Version <= 6.8.*

Version 6.8.3

Status unaffected

Version <= *

Version 6.9

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.05%	0.139

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string

https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html

https://git.kernel.org/stable/c/064db53f9023a2d5877a2d12de6bc27995f6ca56

https://git.kernel.org/stable/c/2b539c88940e22494da80a93ee1c5a28bbad10f6

https://git.kernel.org/stable/c/4466677dcabe2d70de6aa3d4bd4a4fafa94a71f2

https://git.kernel.org/stable/c/7d0e8a6147550aa058fa6ade8583ad252aa61304

https://git.kernel.org/stable/c/81b8645feca08a54c7c4bf36e7b176f4983b2f28

https://git.kernel.org/stable/c/ad9cc5e9e53ab94aa0c7ac65d43be7eb208dcb55

https://git.kernel.org/stable/c/b9a7339ae403035ffe7fc37cb034b36947910f68

https://git.kernel.org/stable/c/cf55a7acd1ed38afe43bba1c8a0935b51d1dc014

https://nvd.nist.gov/vuln/detail/CVE-2024-35813

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-35813

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-35813

EUVD