5.5
CVE-2024-44969
- EPSS 0.22%
- Veröffentlicht 04.09.2024 19:15:31
- Zuletzt bearbeitet 03.11.2025 23:15:45
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
s390/sclp: Prevent release of buffer in I/O
In the Linux kernel, the following vulnerability has been resolved: s390/sclp: Prevent release of buffer in I/O When a task waiting for completion of a Store Data operation is interrupted, an attempt is made to halt this operation. If this attempt fails due to a hardware or firmware problem, there is a chance that the SCLP facility might store data into buffers referenced by the original operation at a later time. Handle this situation by not releasing the referenced data buffers if the halt attempt fails. For current use cases, this might result in a leak of few pages of memory in case of a rare hardware/firmware malfunction.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version < 4.19.320
Linux ≫ Linux Kernel Version >= 4.20 < 5.4.282
Linux ≫ Linux Kernel Version >= 5.5 < 5.10.224
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.165
Linux ≫ Linux Kernel Version >= 5.16 < 6.1.105
Linux ≫ Linux Kernel Version >= 6.2 < 6.6.46
Linux ≫ Linux Kernel Version >= 6.7 < 6.10.5
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.22% | 0.12 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
https://git.kernel.org/stable/c/1e8b7fb427af6b2ddd54eff66a6b428a81c96633
https://git.kernel.org/stable/c/1ec5ea9e25f582fd6999393e2f2c3bf56f234e05
https://git.kernel.org/stable/c/2429ea3b4330e3653b72b210a0d5f2a717359506
https://git.kernel.org/stable/c/46f67233b011385d53cf14d272431755de3a7c79
https://git.kernel.org/stable/c/7a7e60ed23d471a07dbbe72565d2992ee8244bbe
https://git.kernel.org/stable/c/a3e52a4c22c846858a6875e1c280030a3849e148
https://git.kernel.org/stable/c/a88a49473c94ccfd8dce1e766aacf3c627278463
https://git.kernel.org/stable/c/bf365071ea92b9579d5a272679b74052a5643e35
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html