CVE-2024-36481

EPSS 0.02%
Published 21.06.2024 12:15:11
Last modified 21.11.2024 09:22:16
Source 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Open
Login

In the Linux kernel, the following vulnerability has been resolved:

tracing/probes: fix error check in parse_btf_field()

btf_find_struct_member() might return NULL or an error via the
ERR_PTR() macro. However, its caller in parse_btf_field() only checks
for the NULL condition. Fix this by using IS_ERR() and returning the
error up the stack.

Affected products Warnungen 0 Metrics 2 CWE 1 References 6

Data is provided by the National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version < 6.6

Linux ≫ Linux Kernel Version >= 6.6.1 < 6.6.33

Linux ≫ Linux Kernel Version >= 6.9 < 6.9.4

Linux ≫ Linux Kernel Version6.10.0 Updaterc1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.02%	0.031

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-754 Improper Check for Unusual or Exceptional Conditions

The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.

https://git.kernel.org/stable/c/4ed468edfeb54c7202e559eba74c25fac6a0dad0

Patch

Mailing List

https://git.kernel.org/stable/c/ad4b202da2c498fefb69e5d87f67b946e7fe1e6a

Patch

Mailing List

https://git.kernel.org/stable/c/e569eb34970281438e2b48a3ef11c87459fcfbcb

Patch

Mailing List

https://nvd.nist.gov/vuln/detail/CVE-2024-36481

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-36481

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-36481

EUVD