5.5
CVE-2024-46803
- EPSS 0.26%
- Veröffentlicht 27.09.2024 13:15:13
- Zuletzt bearbeitet 04.10.2024 17:45:16
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
drm/amdkfd: Check debug trap enable before write dbg_ev_file
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Check debug trap enable before write dbg_ev_file In interrupt context, write dbg_ev_file will be run by work queue. It will cause write dbg_ev_file execution after debug_trap_disable, which will cause NULL pointer access. v2: cancel work "debug_event_workarea" before set dbg_ev_file as NULL.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version < 6.6.50
Linux ≫ Linux Kernel Version >= 6.7 < 6.10.9
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.26% | 0.177 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-476 NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.
https://git.kernel.org/stable/c/547033b593063eb85bfdf9b25a5f1b8fd1911be2
https://git.kernel.org/stable/c/820dcbd38a77bd5fdc4236d521c1c122841227d0
https://git.kernel.org/stable/c/e6ea3b8fe398915338147fe54dd2db8155fdafd8