5.5

CVE-2024-45021

memcg_write_event_control(): fix a user-triggerable oops

In the Linux kernel, the following vulnerability has been resolved:

memcg_write_event_control(): fix a user-triggerable oops

we are *not* guaranteed that anything past the terminating NUL
is mapped (let alone initialized with anything sane).
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 2.6.34 < 4.19.321
LinuxLinux Kernel Version >= 4.20 < 5.4.283
LinuxLinux Kernel Version >= 5.5 < 5.10.225
LinuxLinux Kernel Version >= 5.11 < 5.15.166
LinuxLinux Kernel Version >= 5.16 < 6.1.107
LinuxLinux Kernel Version >= 6.2 < 6.6.48
LinuxLinux Kernel Version >= 6.7 < 6.10.7
LinuxLinux Kernel Version6.11 Updaterc1
LinuxLinux Kernel Version6.11 Updaterc2
LinuxLinux Kernel Version6.11 Updaterc3
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.25% 0.154
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/046667c4d3196938e992fba0dfcde570aa85cd0e
Patch
https://git.kernel.org/stable/c/0fbe2a72e853a1052abe9bc2b7df8ddb102da227
Patch
https://git.kernel.org/stable/c/1b37ec85ad95b612307627758c6018cd9d92cca8
Patch
https://git.kernel.org/stable/c/21b578f1d599edb87462f11113c5b0fc7a04ac61
Patch
https://git.kernel.org/stable/c/43768fa80fd192558737e24ed6548f74554611d7
Patch
https://git.kernel.org/stable/c/ad149f5585345e383baa65f1539d816cd715fd3b
Patch
https://git.kernel.org/stable/c/f1aa7c509aa766080db7ab3aec2e31b1df09e57c
Patch
https://git.kernel.org/stable/c/fa5bfdf6cb5846a00e712d630a43e3cf55ccb411
Patch
https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html