5.5

CVE-2024-43906

EPSS 0.02%
Published 26.08.2024 11:15:04
Last modified 27.08.2024 13:41:30
Source 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Open
Login

In the Linux kernel, the following vulnerability has been resolved:

drm/admgpu: fix dereferencing null pointer context

When user space sets an invalid ta type, the pointer context will be empty.
So it need to check the pointer context before using it

Affected products Warnungen 0 Metrics 2 CWE 1 References 6

Data is provided by the National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version < 6.6.46

Linux ≫ Linux Kernel Version >= 6.7 < 6.10.5

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.02%	0.031

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/030ffd4d43b433bc6671d9ec34fc12c59220b95d

Patch

https://git.kernel.org/stable/c/4fd52f7c2c11d330571c6bde06e5ea508ec25c9d

Patch

https://git.kernel.org/stable/c/641dac64178ccdb9e45c92b67120316896294d05

Patch

https://nvd.nist.gov/vuln/detail/CVE-2024-43906

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-43906

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-43906

EUVD