5.5
CVE-2024-35985
- EPSS 0.02%
- Published 20.05.2024 10:15:12
- Last modified 16.01.2025 16:43:59
- Source 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Open
LoginIn the Linux kernel, the following vulnerability has been resolved: sched/eevdf: Prevent vlag from going out of bounds in reweight_eevdf() It was possible to have pick_eevdf() return NULL, which then causes a NULL-deref. This turned out to be due to entity_eligible() returning falsely negative because of a s64 multiplcation overflow. Specifically, reweight_eevdf() computes the vlag without considering the limit placed upon vlag as update_entity_lag() does, and then the scaling multiplication (remember that weight is 20bit fixed point) can overflow. This then leads to the new vruntime being weird which then causes the above entity_eligible() to go side-ways and claim nothing is eligible. Thus limit the range of vlag accordingly. All this was quite rare, but fatal when it does happen.
Data is provided by the National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 6.6.4 < 6.6.30
Linux ≫ Linux Kernel Version >= 6.7 < 6.8.9
Linux ≫ Linux Kernel Version6.9 Updaterc1
Linux ≫ Linux Kernel Version6.9 Updaterc2
Linux ≫ Linux Kernel Version6.9 Updaterc3
Linux ≫ Linux Kernel Version6.9 Updaterc4
Linux ≫ Linux Kernel Version6.9 Updaterc5
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.02% | 0.028 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-476 NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.