5.5

CVE-2024-35940

pstore/zone: Add a null pointer check to the psz_kmsg_read

In the Linux kernel, the following vulnerability has been resolved:

pstore/zone: Add a null pointer check to the psz_kmsg_read

kasprintf() returns a pointer to dynamically allocated memory
which can be NULL upon failure. Ensure the allocation was successful
by checking the pointer validity.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 5.10.215
LinuxLinux Kernel Version >= 5.11 < 5.15.155
LinuxLinux Kernel Version >= 5.16 < 6.1.86
LinuxLinux Kernel Version >= 6.2 < 6.6.27
LinuxLinux Kernel Version >= 6.7 < 6.8.6
DebianDebian Linux Version10.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.21% 0.111
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
Third Party Advisory
Mailing List
https://git.kernel.org/stable/c/0ff96ec22a84d80a18d7ae8ca7eb111c34ee33bb
Patch
https://git.kernel.org/stable/c/635594cca59f9d7a8e96187600c34facb8bc0682
Patch
https://git.kernel.org/stable/c/6f9f2e498eae7897ba5d3e33908917f68ff4abcc
Patch
https://git.kernel.org/stable/c/98bc7e26e14fbb26a6abf97603d59532475e97f8
Patch
https://git.kernel.org/stable/c/98e2b97acb875d65bdfc75fc408e67975cef3041
Patch
https://git.kernel.org/stable/c/ec7256887d072f98c42cdbef4dcc80ddf84c7a70
Patch
https://cert-portal.siemens.com/productcert/html/ssa-265688.html