5.5

CVE-2024-36481

tracing/probes: fix error check in parse_btf_field()

In the Linux kernel, the following vulnerability has been resolved:

tracing/probes: fix error check in parse_btf_field()

btf_find_struct_member() might return NULL or an error via the
ERR_PTR() macro. However, its caller in parse_btf_field() only checks
for the NULL condition. Fix this by using IS_ERR() and returning the
error up the stack.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 6.6
LinuxLinux Kernel Version >= 6.6.1 < 6.6.33
LinuxLinux Kernel Version >= 6.9 < 6.9.4
LinuxLinux Kernel Version6.10.0 Updaterc1
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.21% 0.113
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-754 Improper Check for Unusual or Exceptional Conditions

The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.

https://git.kernel.org/stable/c/4ed468edfeb54c7202e559eba74c25fac6a0dad0
Patch
Mailing List
https://git.kernel.org/stable/c/ad4b202da2c498fefb69e5d87f67b946e7fe1e6a
Patch
Mailing List
https://git.kernel.org/stable/c/e569eb34970281438e2b48a3ef11c87459fcfbcb
Patch
Mailing List