5.5
CVE-2024-36891
- EPSS 0.23%
- Veröffentlicht 30.05.2024 16:15:12
- Zuletzt bearbeitet 21.11.2024 09:22:44
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
maple_tree: fix mas_empty_area_rev() null pointer dereference
In the Linux kernel, the following vulnerability has been resolved: maple_tree: fix mas_empty_area_rev() null pointer dereference Currently the code calls mas_start() followed by mas_data_end() if the maple state is MA_START, but mas_start() may return with the maple state node == NULL. This will lead to a null pointer dereference when checking information in the NULL node, which is done in mas_data_end(). Avoid setting the offset if there is no node by waiting until after the maple state is checked for an empty or single entry state. A user could trigger the events to cause a kernel oops by unmapping all vmas to produce an empty maple tree, then mapping a vma that would cause the scenario described above.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 6.1 < 6.6.31
Linux ≫ Linux Kernel Version >= 6.7 < 6.8.10
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.23% | 0.132 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-476 NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.
https://git.kernel.org/stable/c/6c9c7c1e63b198a8b979ad963eb21410f10ccb00
https://git.kernel.org/stable/c/883e5d542bbdddbddeba60250cb482baf3ae2415
https://git.kernel.org/stable/c/955a923d2809803980ff574270f81510112be9cf
https://git.kernel.org/stable/c/f3956791cf526540addd3295e4c1e0f0442486cc