CVE-2024-56657

EPSS 0.03%
Published 27.12.2024 15:15:25
Last modified 01.10.2025 20:17:37
Source 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Open
Login

In the Linux kernel, the following vulnerability has been resolved:

ALSA: control: Avoid WARN() for symlink errors

Using WARN() for showing the error of symlink creations don't give
more information than telling that something goes wrong, since the
usual code path is a lregister callback from each control element
creation.  More badly, the use of WARN() rather confuses fuzzer as if
it were serious issues.

This patch downgrades the warning messages to use the normal dev_err()
instead of WARN().  For making it clearer, add the function name to
the prefix, too.

Affected products Warnungen 0 Metrics 3 CWE 0 References 6

Data is provided by the National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 5.13 < 6.6.67

Linux ≫ Linux Kernel Version >= 6.7 < 6.12.6

Linux ≫ Linux Kernel Version6.13 Updaterc1

Linux ≫ Linux Kernel Version6.13 Updaterc2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.03%	0.074

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

https://git.kernel.org/stable/c/36c0764474b637bbee498806485bed524cad486b

Patch

https://git.kernel.org/stable/c/b2e538a9827dd04ab5273bf4be8eb2edb84357b0

Patch

https://git.kernel.org/stable/c/d5a1ca7b59804d6779644001a878ed925a4688ca

Patch

https://nvd.nist.gov/vuln/detail/CVE-2024-56657

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-56657

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-56657

EUVD