7.8

CVE-2024-36015

ppdev: Add an error check in register_device

In the Linux kernel, the following vulnerability has been resolved:

ppdev: Add an error check in register_device

In register_device, the return value of ida_simple_get is unchecked,
in witch ida_simple_get will use an invalid index value.

To address this issue, index should be checked after ida_simple_get. When
the index value is abnormal, a warning message should be printed, the port
should be dropped, and the value should be recorded.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.9.22 < 4.10
LinuxLinux Kernel Version >= 4.10.7 < 4.11
LinuxLinux Kernel Version >= 4.11.1 < 4.19.316
LinuxLinux Kernel Version >= 4.20 < 5.4.278
LinuxLinux Kernel Version >= 5.5 < 5.10.219
LinuxLinux Kernel Version >= 5.11 < 5.15.161
LinuxLinux Kernel Version >= 5.16 < 6.1.93
LinuxLinux Kernel Version >= 6.2 < 6.6.33
LinuxLinux Kernel Version >= 6.7 < 6.9.4
LinuxLinux Kernel Version4.11 Update-
LinuxLinux Kernel Version4.11 Updaterc4
LinuxLinux Kernel Version4.11 Updaterc5
LinuxLinux Kernel Version4.11 Updaterc6
LinuxLinux Kernel Version4.11 Updaterc7
LinuxLinux Kernel Version4.11 Updaterc8
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.25% 0.161
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-129 Improper Validation of Array Index

The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.

https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
https://git.kernel.org/stable/c/5d5b24edad1107a2ffa99058f20f6aeeafeb5d39
Patch
https://git.kernel.org/stable/c/65cd017d43f4319a56747d38308b0a24cf57299e
Patch
https://git.kernel.org/stable/c/b65d0410b879af0295d22438a4a32012786d152a
Patch
https://git.kernel.org/stable/c/b8c6b83cc3adff3ddf403c8c7063fe6d08b2b9d9
Patch
https://git.kernel.org/stable/c/d32caf51379a4d71db03d3d4d7c22d27cdf7f68b
Patch
https://git.kernel.org/stable/c/df9329247dbbf00f6057e002139ab3fa529ad828
Patch
https://git.kernel.org/stable/c/ec3468221efec6660ff656e9ebe51ced3520fc57
Patch
https://git.kernel.org/stable/c/fbf740aeb86a4fe82ad158d26d711f2f3be79b3e
Patch