5.5

CVE-2024-45028

mmc: mmc_test: Fix NULL dereference on allocation failure

In the Linux kernel, the following vulnerability has been resolved:

mmc: mmc_test: Fix NULL dereference on allocation failure

If the "test->highmem = alloc_pages()" allocation fails then calling
__free_pages(test->highmem) will result in a NULL dereference.  Also
change the error code to -ENOMEM instead of returning success.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 2.6.27 < 4.19.321
LinuxLinux Kernel Version >= 4.20 < 5.4.283
LinuxLinux Kernel Version >= 5.5 < 5.10.225
LinuxLinux Kernel Version >= 5.11 < 5.15.166
LinuxLinux Kernel Version >= 5.16 < 6.1.107
LinuxLinux Kernel Version >= 6.2 < 6.6.48
LinuxLinux Kernel Version >= 6.7 < 6.10.7
LinuxLinux Kernel Version6.11 Updaterc1
LinuxLinux Kernel Version6.11 Updaterc2
LinuxLinux Kernel Version6.11 Updaterc3
LinuxLinux Kernel Version6.11 Updaterc4
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.25% 0.156
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/2b507b03991f44dfb202fc2a82c9874d1b1f0c06
Patch
https://git.kernel.org/stable/c/3b4e76ceae5b5a46c968bd952f551ce173809f63
Patch
https://git.kernel.org/stable/c/9b9ba386d7bfdbc38445932c90fa9444c0524bea
Patch
https://git.kernel.org/stable/c/a1e627af32ed60713941cbfc8075d44cad07f6dd
Patch
https://git.kernel.org/stable/c/cac2815f49d343b2f0acc4973d2c14918ac3ab0c
Patch
https://git.kernel.org/stable/c/e40515582141a9e7c84b269be699c05236a499a6
Patch
https://git.kernel.org/stable/c/e97be13a9f51284da450dd2a592e3fa87b49cdc9
Patch
https://git.kernel.org/stable/c/ecb15b8ca12c0cbdab81e307e9795214d8b90890
Patch
https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html