Vulnerability-Lookup

CERTFR-2024-AVI-0381

Vulnerability from certfr_avis - Published: 2024-05-10 - Updated: 2024-05-10

De multiples vulnérabilités ont été découvertes dans le noyau Linux de Debian. Elles permettent à un attaquant de provoquer une élévation de privilèges, une atteinte à la confidentialité des données et un déni de service.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Debian	N/A	Debian bookworm (stable) versions antérieures à 6.1.90-1
	Debian	N/A	Debian bullseye (old) versions antérieures à 5.10.216-1

References

Title

Publication Time

CVE-2024-27043 (GCVE-0-2024-27043)

Vulnerability from cvelistv5 – Published: 2024-05-01 12:54 – Updated: 2026-05-11 20:09

Title

media: edia: dvbdev: fix a use-after-free

Summary

In the Linux kernel, the following vulnerability has been resolved: media: edia: dvbdev: fix a use-after-free In dvb_register_device, *pdvbdev is set equal to dvbdev, which is freed in several error-handling paths. However, *pdvbdev is not set to NULL after dvbdev's deallocation, causing use-after-frees in many places, for example, in the following call chain: budget_register |-> dvb_dmxdev_init |-> dvb_register_device |-> dvb_dmxdev_release |-> dvb_unregister_device |-> dvb_remove_device |-> dvb_device_put |-> kref_put When calling dvb_unregister_device, dmxdev->dvbdev (i.e. *pdvbdev in dvb_register_device) could point to memory that had been freed in dvb_register_device. Thereafter, this pointer is transferred to kref_put and triggering a use-after-free.

Severity

No CVSS data available.

SSVC

Exploitation: none Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

Assigner

Linux

References

11 references

URL	Tags
https://git.kernel.org/stable/c/d0f5c28333822f9ba…
https://git.kernel.org/stable/c/f20c3270f3ed5aa69…
https://git.kernel.org/stable/c/096237039d00c839f…
https://git.kernel.org/stable/c/0d3fe80b6d175c220…
https://git.kernel.org/stable/c/437a111f79a2f5b2a…
https://git.kernel.org/stable/c/779e8db7efb22316c…
https://git.kernel.org/stable/c/35674111a043b0482…
https://git.kernel.org/stable/c/b7586e902128e4fb7…
https://git.kernel.org/stable/c/8c64f4cdf4e6cc568…
https://lists.debian.org/debian-lts-announce/2024…	x_transferred
https://lists.debian.org/debian-lts-announce/2024…	x_transferred

Impacted products

2 products

Vendor	Product	Version
Linux	Linux	Affected: b61901024776b25ce7b8edc31bb1757c7382a88e , < d0f5c28333822f9baa5280d813124920720fd856 (git) Affected: b61901024776b25ce7b8edc31bb1757c7382a88e , < f20c3270f3ed5aa6919a87e4de9bf6c05fb57086 (git) Affected: b61901024776b25ce7b8edc31bb1757c7382a88e , < 096237039d00c839f3e3a5fe6d001bf0db45b644 (git) Affected: b61901024776b25ce7b8edc31bb1757c7382a88e , < 0d3fe80b6d175c220b3e252efc6c6777e700e98e (git) Affected: b61901024776b25ce7b8edc31bb1757c7382a88e , < 437a111f79a2f5b2a5f21e27fdec6f40c8768712 (git) Affected: b61901024776b25ce7b8edc31bb1757c7382a88e , < 779e8db7efb22316c8581d6c229636d2f5694a62 (git) Affected: b61901024776b25ce7b8edc31bb1757c7382a88e , < 35674111a043b0482a9bc69da8850a83f465b07d (git) Affected: b61901024776b25ce7b8edc31bb1757c7382a88e , < b7586e902128e4fb7bfbb661cb52e4215a65637b (git) Affected: b61901024776b25ce7b8edc31bb1757c7382a88e , < 8c64f4cdf4e6cc5682c52523713af8c39c94e6d5 (git)
Linux	Linux	Affected: 2.6.21 Unaffected: 0 , < 2.6.21 (semver) Unaffected: 4.19.311 , ≤ 4.19.* (semver) Unaffected: 5.4.273 , ≤ 5.4.* (semver) Unaffected: 5.10.214 , ≤ 5.10.* (semver) Unaffected: 5.15.153 , ≤ 5.15.* (semver) Unaffected: 6.1.83 , ≤ 6.1.* (semver) Unaffected: 6.6.23 , ≤ 6.6.* (semver) Unaffected: 6.7.11 , ≤ 6.7.* (semver) Unaffected: 6.8.2 , ≤ 6.8.* (semver) Unaffected: 6.9 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T00:21:05.899Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d0f5c28333822f9baa5280d813124920720fd856"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f20c3270f3ed5aa6919a87e4de9bf6c05fb57086"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/096237039d00c839f3e3a5fe6d001bf0db45b644"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0d3fe80b6d175c220b3e252efc6c6777e700e98e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/437a111f79a2f5b2a5f21e27fdec6f40c8768712"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/779e8db7efb22316c8581d6c229636d2f5694a62"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/35674111a043b0482a9bc69da8850a83f465b07d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b7586e902128e4fb7bfbb661cb52e4215a65637b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8c64f4cdf4e6cc5682c52523713af8c39c94e6d5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-27043",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-15T19:22:34.576999Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-15T19:22:42.564Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/media/dvb-core/dvbdev.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "d0f5c28333822f9baa5280d813124920720fd856",
              "status": "affected",
              "version": "b61901024776b25ce7b8edc31bb1757c7382a88e",
              "versionType": "git"
            },
            {
              "lessThan": "f20c3270f3ed5aa6919a87e4de9bf6c05fb57086",
              "status": "affected",
              "version": "b61901024776b25ce7b8edc31bb1757c7382a88e",
              "versionType": "git"
            },
            {
              "lessThan": "096237039d00c839f3e3a5fe6d001bf0db45b644",
              "status": "affected",
              "version": "b61901024776b25ce7b8edc31bb1757c7382a88e",
              "versionType": "git"
            },
            {
              "lessThan": "0d3fe80b6d175c220b3e252efc6c6777e700e98e",
              "status": "affected",
              "version": "b61901024776b25ce7b8edc31bb1757c7382a88e",
              "versionType": "git"
            },
            {
              "lessThan": "437a111f79a2f5b2a5f21e27fdec6f40c8768712",
              "status": "affected",
              "version": "b61901024776b25ce7b8edc31bb1757c7382a88e",
              "versionType": "git"
            },
            {
              "lessThan": "779e8db7efb22316c8581d6c229636d2f5694a62",
              "status": "affected",
              "version": "b61901024776b25ce7b8edc31bb1757c7382a88e",
              "versionType": "git"
            },
            {
              "lessThan": "35674111a043b0482a9bc69da8850a83f465b07d",
              "status": "affected",
              "version": "b61901024776b25ce7b8edc31bb1757c7382a88e",
              "versionType": "git"
            },
            {
              "lessThan": "b7586e902128e4fb7bfbb661cb52e4215a65637b",
              "status": "affected",
              "version": "b61901024776b25ce7b8edc31bb1757c7382a88e",
              "versionType": "git"
            },
            {
              "lessThan": "8c64f4cdf4e6cc5682c52523713af8c39c94e6d5",
              "status": "affected",
              "version": "b61901024776b25ce7b8edc31bb1757c7382a88e",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/media/dvb-core/dvbdev.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.21"
            },
            {
              "lessThan": "2.6.21",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.311",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.273",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.214",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.153",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.83",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.23",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.7.*",
              "status": "unaffected",
              "version": "6.7.11",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.8.*",
              "status": "unaffected",
              "version": "6.8.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.9",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.19.311",
                  "versionStartIncluding": "2.6.21",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.273",
                  "versionStartIncluding": "2.6.21",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.214",
                  "versionStartIncluding": "2.6.21",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.153",
                  "versionStartIncluding": "2.6.21",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.83",
                  "versionStartIncluding": "2.6.21",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.23",
                  "versionStartIncluding": "2.6.21",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.7.11",
                  "versionStartIncluding": "2.6.21",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.8.2",
                  "versionStartIncluding": "2.6.21",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.9",
                  "versionStartIncluding": "2.6.21",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: edia: dvbdev: fix a use-after-free\n\nIn dvb_register_device, *pdvbdev is set equal to dvbdev, which is freed\nin several error-handling paths. However, *pdvbdev is not set to NULL\nafter dvbdev\u0027s deallocation, causing use-after-frees in many places,\nfor example, in the following call chain:\n\nbudget_register\n  |-\u003e dvb_dmxdev_init\n        |-\u003e dvb_register_device\n  |-\u003e dvb_dmxdev_release\n        |-\u003e dvb_unregister_device\n              |-\u003e dvb_remove_device\n                    |-\u003e dvb_device_put\n                          |-\u003e kref_put\n\nWhen calling dvb_unregister_device, dmxdev-\u003edvbdev (i.e. *pdvbdev in\ndvb_register_device) could point to memory that had been freed in\ndvb_register_device. Thereafter, this pointer is transferred to\nkref_put and triggering a use-after-free."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-11T20:09:17.969Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/d0f5c28333822f9baa5280d813124920720fd856"
        },
        {
          "url": "https://git.kernel.org/stable/c/f20c3270f3ed5aa6919a87e4de9bf6c05fb57086"
        },
        {
          "url": "https://git.kernel.org/stable/c/096237039d00c839f3e3a5fe6d001bf0db45b644"
        },
        {
          "url": "https://git.kernel.org/stable/c/0d3fe80b6d175c220b3e252efc6c6777e700e98e"
        },
        {
          "url": "https://git.kernel.org/stable/c/437a111f79a2f5b2a5f21e27fdec6f40c8768712"
        },
        {
          "url": "https://git.kernel.org/stable/c/779e8db7efb22316c8581d6c229636d2f5694a62"
        },
        {
          "url": "https://git.kernel.org/stable/c/35674111a043b0482a9bc69da8850a83f465b07d"
        },
        {
          "url": "https://git.kernel.org/stable/c/b7586e902128e4fb7bfbb661cb52e4215a65637b"
        },
        {
          "url": "https://git.kernel.org/stable/c/8c64f4cdf4e6cc5682c52523713af8c39c94e6d5"
        }
      ],
      "title": "media: edia: dvbdev: fix a use-after-free",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-27043",
    "datePublished": "2024-05-01T12:54:11.197Z",
    "dateReserved": "2024-02-19T14:20:24.212Z",
    "dateUpdated": "2026-05-11T20:09:17.969Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-27044 (GCVE-0-2024-27044)

Vulnerability from cvelistv5 – Published: 2024-05-01 12:54 – Updated: 2026-05-11 20:09

Title

drm/amd/display: Fix potential NULL pointer dereferences in 'dcn10_set_output_transfer_func()'

Summary

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix potential NULL pointer dereferences in 'dcn10_set_output_transfer_func()' The 'stream' pointer is used in dcn10_set_output_transfer_func() before the check if 'stream' is NULL. Fixes the below: drivers/gpu/drm/amd/amdgpu/../display/dc/hwss/dcn10/dcn10_hwseq.c:1892 dcn10_set_output_transfer_func() warn: variable dereferenced before check 'stream' (see line 1875)

Severity

No CVSS data available.

SSVC

Exploitation: none Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

Assigner

Linux

References

9 references

URL	Tags
https://git.kernel.org/stable/c/e019d87e02f1e539a…
https://git.kernel.org/stable/c/330caa061af53ea6d…
https://git.kernel.org/stable/c/6ac7c7a3a9ab57aba…
https://git.kernel.org/stable/c/29fde8895b2fcc33f…
https://git.kernel.org/stable/c/2d9fe7787af01188d…
https://git.kernel.org/stable/c/14613d52bc7fc180d…
https://git.kernel.org/stable/c/7874ab3105ca46571…
https://git.kernel.org/stable/c/9ccfe80d022df7c59…
https://lists.debian.org/debian-lts-announce/2024…	x_transferred

Impacted products

2 products

Vendor	Product	Version
Linux	Linux	Affected: ddef02de0d71d483ad4398393717cc0d53fc990a , < e019d87e02f1e539ae48b99187f253847744ca7a (git) Affected: ddef02de0d71d483ad4398393717cc0d53fc990a , < 330caa061af53ea6d287d7c43d0703714e510e08 (git) Affected: ddef02de0d71d483ad4398393717cc0d53fc990a , < 6ac7c7a3a9ab57aba0fe78ecb922d2b20e16efeb (git) Affected: ddef02de0d71d483ad4398393717cc0d53fc990a , < 29fde8895b2fcc33f44aea28c644ce2d9b62f9e0 (git) Affected: ddef02de0d71d483ad4398393717cc0d53fc990a , < 2d9fe7787af01188dc470a649bdbb842d6511fd7 (git) Affected: ddef02de0d71d483ad4398393717cc0d53fc990a , < 14613d52bc7fc180df6d2c65ba65fc921fc1dda7 (git) Affected: ddef02de0d71d483ad4398393717cc0d53fc990a , < 7874ab3105ca4657102fee1cc14b0af70883c484 (git) Affected: ddef02de0d71d483ad4398393717cc0d53fc990a , < 9ccfe80d022df7c595f1925afb31de2232900656 (git)
Linux	Linux	Affected: 5.4 Unaffected: 0 , < 5.4 (semver) Unaffected: 5.4.273 , ≤ 5.4.* (semver) Unaffected: 5.10.214 , ≤ 5.10.* (semver) Unaffected: 5.15.153 , ≤ 5.15.* (semver) Unaffected: 6.1.83 , ≤ 6.1.* (semver) Unaffected: 6.6.23 , ≤ 6.6.* (semver) Unaffected: 6.7.11 , ≤ 6.7.* (semver) Unaffected: 6.8.2 , ≤ 6.8.* (semver) Unaffected: 6.9 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-27044",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-01T13:38:17.735678Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-05T17:22:49.219Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T00:21:06.019Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e019d87e02f1e539ae48b99187f253847744ca7a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/330caa061af53ea6d287d7c43d0703714e510e08"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6ac7c7a3a9ab57aba0fe78ecb922d2b20e16efeb"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/29fde8895b2fcc33f44aea28c644ce2d9b62f9e0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2d9fe7787af01188dc470a649bdbb842d6511fd7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/14613d52bc7fc180df6d2c65ba65fc921fc1dda7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7874ab3105ca4657102fee1cc14b0af70883c484"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9ccfe80d022df7c595f1925afb31de2232900656"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/display/dc/hwss/dcn10/dcn10_hwseq.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "e019d87e02f1e539ae48b99187f253847744ca7a",
              "status": "affected",
              "version": "ddef02de0d71d483ad4398393717cc0d53fc990a",
              "versionType": "git"
            },
            {
              "lessThan": "330caa061af53ea6d287d7c43d0703714e510e08",
              "status": "affected",
              "version": "ddef02de0d71d483ad4398393717cc0d53fc990a",
              "versionType": "git"
            },
            {
              "lessThan": "6ac7c7a3a9ab57aba0fe78ecb922d2b20e16efeb",
              "status": "affected",
              "version": "ddef02de0d71d483ad4398393717cc0d53fc990a",
              "versionType": "git"
            },
            {
              "lessThan": "29fde8895b2fcc33f44aea28c644ce2d9b62f9e0",
              "status": "affected",
              "version": "ddef02de0d71d483ad4398393717cc0d53fc990a",
              "versionType": "git"
            },
            {
              "lessThan": "2d9fe7787af01188dc470a649bdbb842d6511fd7",
              "status": "affected",
              "version": "ddef02de0d71d483ad4398393717cc0d53fc990a",
              "versionType": "git"
            },
            {
              "lessThan": "14613d52bc7fc180df6d2c65ba65fc921fc1dda7",
              "status": "affected",
              "version": "ddef02de0d71d483ad4398393717cc0d53fc990a",
              "versionType": "git"
            },
            {
              "lessThan": "7874ab3105ca4657102fee1cc14b0af70883c484",
              "status": "affected",
              "version": "ddef02de0d71d483ad4398393717cc0d53fc990a",
              "versionType": "git"
            },
            {
              "lessThan": "9ccfe80d022df7c595f1925afb31de2232900656",
              "status": "affected",
              "version": "ddef02de0d71d483ad4398393717cc0d53fc990a",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/display/dc/hwss/dcn10/dcn10_hwseq.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.4"
            },
            {
              "lessThan": "5.4",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.273",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.214",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.153",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.83",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.23",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.7.*",
              "status": "unaffected",
              "version": "6.7.11",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.8.*",
              "status": "unaffected",
              "version": "6.8.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.9",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.273",
                  "versionStartIncluding": "5.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.214",
                  "versionStartIncluding": "5.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.153",
                  "versionStartIncluding": "5.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.83",
                  "versionStartIncluding": "5.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.23",
                  "versionStartIncluding": "5.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.7.11",
                  "versionStartIncluding": "5.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.8.2",
                  "versionStartIncluding": "5.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.9",
                  "versionStartIncluding": "5.4",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix potential NULL pointer dereferences in \u0027dcn10_set_output_transfer_func()\u0027\n\nThe \u0027stream\u0027 pointer is used in dcn10_set_output_transfer_func() before\nthe check if \u0027stream\u0027 is NULL.\n\nFixes the below:\ndrivers/gpu/drm/amd/amdgpu/../display/dc/hwss/dcn10/dcn10_hwseq.c:1892 dcn10_set_output_transfer_func() warn: variable dereferenced before check \u0027stream\u0027 (see line 1875)"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-11T20:09:19.118Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/e019d87e02f1e539ae48b99187f253847744ca7a"
        },
        {
          "url": "https://git.kernel.org/stable/c/330caa061af53ea6d287d7c43d0703714e510e08"
        },
        {
          "url": "https://git.kernel.org/stable/c/6ac7c7a3a9ab57aba0fe78ecb922d2b20e16efeb"
        },
        {
          "url": "https://git.kernel.org/stable/c/29fde8895b2fcc33f44aea28c644ce2d9b62f9e0"
        },
        {
          "url": "https://git.kernel.org/stable/c/2d9fe7787af01188dc470a649bdbb842d6511fd7"
        },
        {
          "url": "https://git.kernel.org/stable/c/14613d52bc7fc180df6d2c65ba65fc921fc1dda7"
        },
        {
          "url": "https://git.kernel.org/stable/c/7874ab3105ca4657102fee1cc14b0af70883c484"
        },
        {
          "url": "https://git.kernel.org/stable/c/9ccfe80d022df7c595f1925afb31de2232900656"
        }
      ],
      "title": "drm/amd/display: Fix potential NULL pointer dereferences in \u0027dcn10_set_output_transfer_func()\u0027",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-27044",
    "datePublished": "2024-05-01T12:54:14.695Z",
    "dateReserved": "2024-02-19T14:20:24.213Z",
    "dateUpdated": "2026-05-11T20:09:19.118Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-27045 (GCVE-0-2024-27045)

Vulnerability from cvelistv5 – Published: 2024-05-01 12:54 – Updated: 2026-05-11 20:09

Title

drm/amd/display: Fix a potential buffer overflow in 'dp_dsc_clock_en_read()'

Summary

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix a potential buffer overflow in 'dp_dsc_clock_en_read()' Tell snprintf() to store at most 10 bytes in the output buffer instead of 30. Fixes the below: drivers/gpu/drm/amd/amdgpu/../display/amdgpu_dm/amdgpu_dm_debugfs.c:1508 dp_dsc_clock_en_read() error: snprintf() is printing too much 30 vs 10

Severity

No CVSS data available.

SSVC

Exploitation: none Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

Assigner

Linux

References

8 references

URL	Tags
https://git.kernel.org/stable/c/ff28893c96c5e0927…
https://git.kernel.org/stable/c/440f059837418fac1…
https://git.kernel.org/stable/c/d346b3e5b25c95d50…
https://git.kernel.org/stable/c/ad76fd30557d6a106…
https://git.kernel.org/stable/c/eb9327af3621d26b1…
https://git.kernel.org/stable/c/cf114d8d4a8d78df2…
https://git.kernel.org/stable/c/4b09715f1504f1b6e…
https://lists.debian.org/debian-lts-announce/2024…	x_transferred

Impacted products

2 products

Vendor	Product	Version
Linux	Linux	Affected: c06e09b76639657f284bfaf1cce29557a2515e85 , < ff28893c96c5e0927a4da10cd24a3522ca663515 (git) Affected: c06e09b76639657f284bfaf1cce29557a2515e85 , < 440f059837418fac1695b65d3ebc6080d33be877 (git) Affected: c06e09b76639657f284bfaf1cce29557a2515e85 , < d346b3e5b25c95d504478507eb867cd3818775ab (git) Affected: c06e09b76639657f284bfaf1cce29557a2515e85 , < ad76fd30557d6a106c481e4606a981221ca525f7 (git) Affected: c06e09b76639657f284bfaf1cce29557a2515e85 , < eb9327af3621d26b1d83f767c97a3fe8191a3a65 (git) Affected: c06e09b76639657f284bfaf1cce29557a2515e85 , < cf114d8d4a8d78df272116a745bb43b48cef65f4 (git) Affected: c06e09b76639657f284bfaf1cce29557a2515e85 , < 4b09715f1504f1b6e8dff0e9643630610bc05141 (git)
Linux	Linux	Affected: 5.9 Unaffected: 0 , < 5.9 (semver) Unaffected: 5.10.214 , ≤ 5.10.* (semver) Unaffected: 5.15.153 , ≤ 5.15.* (semver) Unaffected: 6.1.83 , ≤ 6.1.* (semver) Unaffected: 6.6.23 , ≤ 6.6.* (semver) Unaffected: 6.7.11 , ≤ 6.7.* (semver) Unaffected: 6.8.2 , ≤ 6.8.* (semver) Unaffected: 6.9 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T00:21:05.892Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ff28893c96c5e0927a4da10cd24a3522ca663515"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/440f059837418fac1695b65d3ebc6080d33be877"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d346b3e5b25c95d504478507eb867cd3818775ab"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ad76fd30557d6a106c481e4606a981221ca525f7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/eb9327af3621d26b1d83f767c97a3fe8191a3a65"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/cf114d8d4a8d78df272116a745bb43b48cef65f4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4b09715f1504f1b6e8dff0e9643630610bc05141"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-27045",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:44:14.603651Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:32.475Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "ff28893c96c5e0927a4da10cd24a3522ca663515",
              "status": "affected",
              "version": "c06e09b76639657f284bfaf1cce29557a2515e85",
              "versionType": "git"
            },
            {
              "lessThan": "440f059837418fac1695b65d3ebc6080d33be877",
              "status": "affected",
              "version": "c06e09b76639657f284bfaf1cce29557a2515e85",
              "versionType": "git"
            },
            {
              "lessThan": "d346b3e5b25c95d504478507eb867cd3818775ab",
              "status": "affected",
              "version": "c06e09b76639657f284bfaf1cce29557a2515e85",
              "versionType": "git"
            },
            {
              "lessThan": "ad76fd30557d6a106c481e4606a981221ca525f7",
              "status": "affected",
              "version": "c06e09b76639657f284bfaf1cce29557a2515e85",
              "versionType": "git"
            },
            {
              "lessThan": "eb9327af3621d26b1d83f767c97a3fe8191a3a65",
              "status": "affected",
              "version": "c06e09b76639657f284bfaf1cce29557a2515e85",
              "versionType": "git"
            },
            {
              "lessThan": "cf114d8d4a8d78df272116a745bb43b48cef65f4",
              "status": "affected",
              "version": "c06e09b76639657f284bfaf1cce29557a2515e85",
              "versionType": "git"
            },
            {
              "lessThan": "4b09715f1504f1b6e8dff0e9643630610bc05141",
              "status": "affected",
              "version": "c06e09b76639657f284bfaf1cce29557a2515e85",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.9"
            },
            {
              "lessThan": "5.9",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.214",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.153",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.83",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.23",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.7.*",
              "status": "unaffected",
              "version": "6.7.11",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.8.*",
              "status": "unaffected",
              "version": "6.8.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.9",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.214",
                  "versionStartIncluding": "5.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.153",
                  "versionStartIncluding": "5.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.83",
                  "versionStartIncluding": "5.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.23",
                  "versionStartIncluding": "5.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.7.11",
                  "versionStartIncluding": "5.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.8.2",
                  "versionStartIncluding": "5.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.9",
                  "versionStartIncluding": "5.9",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix a potential buffer overflow in \u0027dp_dsc_clock_en_read()\u0027\n\nTell snprintf() to store at most 10 bytes in the output buffer\ninstead of 30.\n\nFixes the below:\ndrivers/gpu/drm/amd/amdgpu/../display/amdgpu_dm/amdgpu_dm_debugfs.c:1508 dp_dsc_clock_en_read() error: snprintf() is printing too much 30 vs 10"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-11T20:09:20.328Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/ff28893c96c5e0927a4da10cd24a3522ca663515"
        },
        {
          "url": "https://git.kernel.org/stable/c/440f059837418fac1695b65d3ebc6080d33be877"
        },
        {
          "url": "https://git.kernel.org/stable/c/d346b3e5b25c95d504478507eb867cd3818775ab"
        },
        {
          "url": "https://git.kernel.org/stable/c/ad76fd30557d6a106c481e4606a981221ca525f7"
        },
        {
          "url": "https://git.kernel.org/stable/c/eb9327af3621d26b1d83f767c97a3fe8191a3a65"
        },
        {
          "url": "https://git.kernel.org/stable/c/cf114d8d4a8d78df272116a745bb43b48cef65f4"
        },
        {
          "url": "https://git.kernel.org/stable/c/4b09715f1504f1b6e8dff0e9643630610bc05141"
        }
      ],
      "title": "drm/amd/display: Fix a potential buffer overflow in \u0027dp_dsc_clock_en_read()\u0027",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-27045",
    "datePublished": "2024-05-01T12:54:18.138Z",
    "dateReserved": "2024-02-19T14:20:24.213Z",
    "dateUpdated": "2026-05-11T20:09:20.328Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-27046 (GCVE-0-2024-27046)

Vulnerability from cvelistv5 – Published: 2024-05-01 12:54 – Updated: 2026-05-11 20:09

Title

nfp: flower: handle acti_netdevs allocation failure

Summary

In the Linux kernel, the following vulnerability has been resolved: nfp: flower: handle acti_netdevs allocation failure The kmalloc_array() in nfp_fl_lag_do_work() will return null, if the physical memory has run out. As a result, if we dereference the acti_netdevs, the null pointer dereference bugs will happen. This patch adds a check to judge whether allocation failure occurs. If it happens, the delayed work will be rescheduled and try again.

Severity

No CVSS data available.

SSVC

Exploitation: none Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

Assigner

Linux

References

11 references

URL	Tags
https://git.kernel.org/stable/c/d746889db75a76aee…
https://git.kernel.org/stable/c/3b1e8a617eb0f4cdc…
https://git.kernel.org/stable/c/928705e341010dd91…
https://git.kernel.org/stable/c/0d387dc503f9a53e6…
https://git.kernel.org/stable/c/c9b4e220dd18f7950…
https://git.kernel.org/stable/c/408ba7fd04f959c61…
https://git.kernel.org/stable/c/c8df9203bf22c66fa…
https://git.kernel.org/stable/c/9d8eb1238377cd994…
https://git.kernel.org/stable/c/84e95149bd341705f…
https://lists.debian.org/debian-lts-announce/2024…	x_transferred
https://lists.debian.org/debian-lts-announce/2024…	x_transferred

Impacted products

2 products

Vendor	Product	Version
Linux	Linux	Affected: bb9a8d031140f186d13d82f57b0f5646d596652f , < d746889db75a76aeee95fb705b8e1ac28c684a2e (git) Affected: bb9a8d031140f186d13d82f57b0f5646d596652f , < 3b1e8a617eb0f4cdc19def530047a95b5abde07d (git) Affected: bb9a8d031140f186d13d82f57b0f5646d596652f , < 928705e341010dd910fdece61ccb974f494a758f (git) Affected: bb9a8d031140f186d13d82f57b0f5646d596652f , < 0d387dc503f9a53e6d1f6e9dd0292d38f083eba5 (git) Affected: bb9a8d031140f186d13d82f57b0f5646d596652f , < c9b4e220dd18f79507803f38a55d53b483f6c9c3 (git) Affected: bb9a8d031140f186d13d82f57b0f5646d596652f , < 408ba7fd04f959c61b50db79c983484312fea642 (git) Affected: bb9a8d031140f186d13d82f57b0f5646d596652f , < c8df9203bf22c66fa26e8d8c7f8ce181cf88099d (git) Affected: bb9a8d031140f186d13d82f57b0f5646d596652f , < 9d8eb1238377cd994829f9162ae396a84ae037b2 (git) Affected: bb9a8d031140f186d13d82f57b0f5646d596652f , < 84e95149bd341705f0eca6a7fcb955c548805002 (git)
Linux	Linux	Affected: 4.18 Unaffected: 0 , < 4.18 (semver) Unaffected: 4.19.311 , ≤ 4.19.* (semver) Unaffected: 5.4.273 , ≤ 5.4.* (semver) Unaffected: 5.10.214 , ≤ 5.10.* (semver) Unaffected: 5.15.153 , ≤ 5.15.* (semver) Unaffected: 6.1.83 , ≤ 6.1.* (semver) Unaffected: 6.6.23 , ≤ 6.6.* (semver) Unaffected: 6.7.11 , ≤ 6.7.* (semver) Unaffected: 6.8.2 , ≤ 6.8.* (semver) Unaffected: 6.9 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-27046",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-17T17:40:11.581706Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-17T17:45:28.272Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T00:21:05.990Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d746889db75a76aeee95fb705b8e1ac28c684a2e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3b1e8a617eb0f4cdc19def530047a95b5abde07d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/928705e341010dd910fdece61ccb974f494a758f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0d387dc503f9a53e6d1f6e9dd0292d38f083eba5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c9b4e220dd18f79507803f38a55d53b483f6c9c3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/408ba7fd04f959c61b50db79c983484312fea642"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c8df9203bf22c66fa26e8d8c7f8ce181cf88099d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9d8eb1238377cd994829f9162ae396a84ae037b2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/84e95149bd341705f0eca6a7fcb955c548805002"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/netronome/nfp/flower/lag_conf.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "d746889db75a76aeee95fb705b8e1ac28c684a2e",
              "status": "affected",
              "version": "bb9a8d031140f186d13d82f57b0f5646d596652f",
              "versionType": "git"
            },
            {
              "lessThan": "3b1e8a617eb0f4cdc19def530047a95b5abde07d",
              "status": "affected",
              "version": "bb9a8d031140f186d13d82f57b0f5646d596652f",
              "versionType": "git"
            },
            {
              "lessThan": "928705e341010dd910fdece61ccb974f494a758f",
              "status": "affected",
              "version": "bb9a8d031140f186d13d82f57b0f5646d596652f",
              "versionType": "git"
            },
            {
              "lessThan": "0d387dc503f9a53e6d1f6e9dd0292d38f083eba5",
              "status": "affected",
              "version": "bb9a8d031140f186d13d82f57b0f5646d596652f",
              "versionType": "git"
            },
            {
              "lessThan": "c9b4e220dd18f79507803f38a55d53b483f6c9c3",
              "status": "affected",
              "version": "bb9a8d031140f186d13d82f57b0f5646d596652f",
              "versionType": "git"
            },
            {
              "lessThan": "408ba7fd04f959c61b50db79c983484312fea642",
              "status": "affected",
              "version": "bb9a8d031140f186d13d82f57b0f5646d596652f",
              "versionType": "git"
            },
            {
              "lessThan": "c8df9203bf22c66fa26e8d8c7f8ce181cf88099d",
              "status": "affected",
              "version": "bb9a8d031140f186d13d82f57b0f5646d596652f",
              "versionType": "git"
            },
            {
              "lessThan": "9d8eb1238377cd994829f9162ae396a84ae037b2",
              "status": "affected",
              "version": "bb9a8d031140f186d13d82f57b0f5646d596652f",
              "versionType": "git"
            },
            {
              "lessThan": "84e95149bd341705f0eca6a7fcb955c548805002",
              "status": "affected",
              "version": "bb9a8d031140f186d13d82f57b0f5646d596652f",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/netronome/nfp/flower/lag_conf.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.18"
            },
            {
              "lessThan": "4.18",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.311",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.273",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.214",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.153",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.83",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.23",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.7.*",
              "status": "unaffected",
              "version": "6.7.11",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.8.*",
              "status": "unaffected",
              "version": "6.8.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.9",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.19.311",
                  "versionStartIncluding": "4.18",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.273",
                  "versionStartIncluding": "4.18",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.214",
                  "versionStartIncluding": "4.18",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.153",
                  "versionStartIncluding": "4.18",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.83",
                  "versionStartIncluding": "4.18",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.23",
                  "versionStartIncluding": "4.18",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.7.11",
                  "versionStartIncluding": "4.18",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.8.2",
                  "versionStartIncluding": "4.18",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.9",
                  "versionStartIncluding": "4.18",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfp: flower: handle acti_netdevs allocation failure\n\nThe kmalloc_array() in nfp_fl_lag_do_work() will return null, if\nthe physical memory has run out. As a result, if we dereference\nthe acti_netdevs, the null pointer dereference bugs will happen.\n\nThis patch adds a check to judge whether allocation failure occurs.\nIf it happens, the delayed work will be rescheduled and try again."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-11T20:09:21.444Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/d746889db75a76aeee95fb705b8e1ac28c684a2e"
        },
        {
          "url": "https://git.kernel.org/stable/c/3b1e8a617eb0f4cdc19def530047a95b5abde07d"
        },
        {
          "url": "https://git.kernel.org/stable/c/928705e341010dd910fdece61ccb974f494a758f"
        },
        {
          "url": "https://git.kernel.org/stable/c/0d387dc503f9a53e6d1f6e9dd0292d38f083eba5"
        },
        {
          "url": "https://git.kernel.org/stable/c/c9b4e220dd18f79507803f38a55d53b483f6c9c3"
        },
        {
          "url": "https://git.kernel.org/stable/c/408ba7fd04f959c61b50db79c983484312fea642"
        },
        {
          "url": "https://git.kernel.org/stable/c/c8df9203bf22c66fa26e8d8c7f8ce181cf88099d"
        },
        {
          "url": "https://git.kernel.org/stable/c/9d8eb1238377cd994829f9162ae396a84ae037b2"
        },
        {
          "url": "https://git.kernel.org/stable/c/84e95149bd341705f0eca6a7fcb955c548805002"
        }
      ],
      "title": "nfp: flower: handle acti_netdevs allocation failure",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-27046",
    "datePublished": "2024-05-01T12:54:21.725Z",
    "dateReserved": "2024-02-19T14:20:24.213Z",
    "dateUpdated": "2026-05-11T20:09:21.444Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-27047 (GCVE-0-2024-27047)

Vulnerability from cvelistv5 – Published: 2024-05-01 12:54 – Updated: 2026-05-12 11:51

Title

net: phy: fix phy_get_internal_delay accessing an empty array

Summary

In the Linux kernel, the following vulnerability has been resolved: net: phy: fix phy_get_internal_delay accessing an empty array The phy_get_internal_delay function could try to access to an empty array in the case that the driver is calling phy_get_internal_delay without defining delay_values and rx-internal-delay-ps or tx-internal-delay-ps is defined to 0 in the device-tree. This will lead to "unable to handle kernel NULL pointer dereference at virtual address 0". To avoid this kernel oops, the test should be delay >= 0. As there is already delay < 0 test just before, the test could only be size == 0.

Severity

No CVSS data available.

SSVC

Exploitation: none Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

Assigner

Linux

References

9 references

URL	Tags
https://git.kernel.org/stable/c/06dd21045a7e8bc87…
https://git.kernel.org/stable/c/0e939a002c8a7d66e…
https://git.kernel.org/stable/c/2a2ff709511617de9…
https://git.kernel.org/stable/c/589ec16174dd93789…
https://git.kernel.org/stable/c/c0691de7df1d51482…
https://git.kernel.org/stable/c/0307cf443308ecc6b…
https://git.kernel.org/stable/c/4469c0c5b14a0919f…
https://lists.debian.org/debian-lts-announce/2024…	x_transferred
https://cert-portal.siemens.com/productcert/html/…

Impacted products

3 products

Vendor	Product	Version
Linux	Linux	Affected: 92252eec913b2dd5e7b5de11ea3efa2e64d65cf4 , < 06dd21045a7e8bc8701b0ebedcd9a30a6325878b (git) Affected: 92252eec913b2dd5e7b5de11ea3efa2e64d65cf4 , < 0e939a002c8a7d66e60bd0ea6b281fb39d713c1a (git) Affected: 92252eec913b2dd5e7b5de11ea3efa2e64d65cf4 , < 2a2ff709511617de9c6c072eeee82bcbbdfecaf8 (git) Affected: 92252eec913b2dd5e7b5de11ea3efa2e64d65cf4 , < 589ec16174dd9378953b8232ae76fad0a96e1563 (git) Affected: 92252eec913b2dd5e7b5de11ea3efa2e64d65cf4 , < c0691de7df1d51482a52cac93b7fe82fd9dd296b (git) Affected: 92252eec913b2dd5e7b5de11ea3efa2e64d65cf4 , < 0307cf443308ecc6be9b2ca312bb31bae5e5a7ad (git) Affected: 92252eec913b2dd5e7b5de11ea3efa2e64d65cf4 , < 4469c0c5b14a0919f5965c7ceac96b523eb57b79 (git)
Linux	Linux	Affected: 5.9 Unaffected: 0 , < 5.9 (semver) Unaffected: 5.10.214 , ≤ 5.10.* (semver) Unaffected: 5.15.153 , ≤ 5.15.* (semver) Unaffected: 6.1.83 , ≤ 6.1.* (semver) Unaffected: 6.6.23 , ≤ 6.6.* (semver) Unaffected: 6.7.11 , ≤ 6.7.* (semver) Unaffected: 6.8.2 , ≤ 6.8.* (semver) Unaffected: 6.9 , ≤ * (original_commit_for_fix)
Siemens	SIMATIC S7-1500 TM MFP - GNU/Linux subsystem	Affected: 0 , < * (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-27047",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-09T18:38:46.768621Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-05T17:21:42.449Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T00:21:05.863Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/06dd21045a7e8bc8701b0ebedcd9a30a6325878b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0e939a002c8a7d66e60bd0ea6b281fb39d713c1a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2a2ff709511617de9c6c072eeee82bcbbdfecaf8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/589ec16174dd9378953b8232ae76fad0a96e1563"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c0691de7df1d51482a52cac93b7fe82fd9dd296b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0307cf443308ecc6be9b2ca312bb31bae5e5a7ad"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4469c0c5b14a0919f5965c7ceac96b523eb57b79"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "defaultStatus": "unknown",
            "product": "SIMATIC S7-1500 TM MFP - GNU/Linux subsystem",
            "vendor": "Siemens",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-12T11:51:16.909Z",
          "orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
          "shortName": "siemens-SADP"
        },
        "references": [
          {
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html"
          }
        ],
        "x_adpType": "supplier"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/phy/phy_device.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "06dd21045a7e8bc8701b0ebedcd9a30a6325878b",
              "status": "affected",
              "version": "92252eec913b2dd5e7b5de11ea3efa2e64d65cf4",
              "versionType": "git"
            },
            {
              "lessThan": "0e939a002c8a7d66e60bd0ea6b281fb39d713c1a",
              "status": "affected",
              "version": "92252eec913b2dd5e7b5de11ea3efa2e64d65cf4",
              "versionType": "git"
            },
            {
              "lessThan": "2a2ff709511617de9c6c072eeee82bcbbdfecaf8",
              "status": "affected",
              "version": "92252eec913b2dd5e7b5de11ea3efa2e64d65cf4",
              "versionType": "git"
            },
            {
              "lessThan": "589ec16174dd9378953b8232ae76fad0a96e1563",
              "status": "affected",
              "version": "92252eec913b2dd5e7b5de11ea3efa2e64d65cf4",
              "versionType": "git"
            },
            {
              "lessThan": "c0691de7df1d51482a52cac93b7fe82fd9dd296b",
              "status": "affected",
              "version": "92252eec913b2dd5e7b5de11ea3efa2e64d65cf4",
              "versionType": "git"
            },
            {
              "lessThan": "0307cf443308ecc6be9b2ca312bb31bae5e5a7ad",
              "status": "affected",
              "version": "92252eec913b2dd5e7b5de11ea3efa2e64d65cf4",
              "versionType": "git"
            },
            {
              "lessThan": "4469c0c5b14a0919f5965c7ceac96b523eb57b79",
              "status": "affected",
              "version": "92252eec913b2dd5e7b5de11ea3efa2e64d65cf4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/phy/phy_device.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.9"
            },
            {
              "lessThan": "5.9",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.214",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.153",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.83",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.23",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.7.*",
              "status": "unaffected",
              "version": "6.7.11",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.8.*",
              "status": "unaffected",
              "version": "6.8.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.9",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.214",
                  "versionStartIncluding": "5.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.153",
                  "versionStartIncluding": "5.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.83",
                  "versionStartIncluding": "5.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.23",
                  "versionStartIncluding": "5.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.7.11",
                  "versionStartIncluding": "5.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.8.2",
                  "versionStartIncluding": "5.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.9",
                  "versionStartIncluding": "5.9",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: phy: fix phy_get_internal_delay accessing an empty array\n\nThe phy_get_internal_delay function could try to access to an empty\narray in the case that the driver is calling phy_get_internal_delay\nwithout defining delay_values and rx-internal-delay-ps or\ntx-internal-delay-ps is defined to 0 in the device-tree.\nThis will lead to \"unable to handle kernel NULL pointer dereference at\nvirtual address 0\". To avoid this kernel oops, the test should be delay\n\u003e= 0. As there is already delay \u003c 0 test just before, the test could\nonly be size == 0."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-11T20:09:22.595Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/06dd21045a7e8bc8701b0ebedcd9a30a6325878b"
        },
        {
          "url": "https://git.kernel.org/stable/c/0e939a002c8a7d66e60bd0ea6b281fb39d713c1a"
        },
        {
          "url": "https://git.kernel.org/stable/c/2a2ff709511617de9c6c072eeee82bcbbdfecaf8"
        },
        {
          "url": "https://git.kernel.org/stable/c/589ec16174dd9378953b8232ae76fad0a96e1563"
        },
        {
          "url": "https://git.kernel.org/stable/c/c0691de7df1d51482a52cac93b7fe82fd9dd296b"
        },
        {
          "url": "https://git.kernel.org/stable/c/0307cf443308ecc6be9b2ca312bb31bae5e5a7ad"
        },
        {
          "url": "https://git.kernel.org/stable/c/4469c0c5b14a0919f5965c7ceac96b523eb57b79"
        }
      ],
      "title": "net: phy: fix phy_get_internal_delay accessing an empty array",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-27047",
    "datePublished": "2024-05-01T12:54:25.156Z",
    "dateReserved": "2024-02-19T14:20:24.213Z",
    "dateUpdated": "2026-05-12T11:51:16.909Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-27051 (GCVE-0-2024-27051)

Vulnerability from cvelistv5 – Published: 2024-05-01 12:54 – Updated: 2026-05-11 20:09

Title

cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value

Summary

In the Linux kernel, the following vulnerability has been resolved: cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value cpufreq_cpu_get may return NULL. To avoid NULL-dereference check it and return 0 in case of error. Found by Linux Verification Center (linuxtesting.org) with SVACE.

Severity

No CVSS data available.

SSVC

Exploitation: none Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

Assigner

Linux

References

8 references

URL	Tags
https://git.kernel.org/stable/c/9127599c075caff23…
https://git.kernel.org/stable/c/d951cf510fb0df91d…
https://git.kernel.org/stable/c/e72160cb6e23b78b4…
https://git.kernel.org/stable/c/b25b64a241d769e93…
https://git.kernel.org/stable/c/74b84d0d71180330e…
https://git.kernel.org/stable/c/e6e3e51ffba078478…
https://git.kernel.org/stable/c/f661017e6d326ee18…
https://lists.debian.org/debian-lts-announce/2024…	x_transferred

Impacted products

2 products

Vendor	Product	Version
Linux	Linux	Affected: de322e085995b9417582d6f72229dadb5c09d163 , < 9127599c075caff234359950117018a010dd01db (git) Affected: de322e085995b9417582d6f72229dadb5c09d163 , < d951cf510fb0df91d3abac0121a59ebbc63c0567 (git) Affected: de322e085995b9417582d6f72229dadb5c09d163 , < e72160cb6e23b78b41999d6885a34ce8db536095 (git) Affected: de322e085995b9417582d6f72229dadb5c09d163 , < b25b64a241d769e932a022e5c780cf135ef56035 (git) Affected: de322e085995b9417582d6f72229dadb5c09d163 , < 74b84d0d71180330efe67c82f973a87f828323e5 (git) Affected: de322e085995b9417582d6f72229dadb5c09d163 , < e6e3e51ffba0784782b1a076d7441605697ea3c6 (git) Affected: de322e085995b9417582d6f72229dadb5c09d163 , < f661017e6d326ee187db24194cabb013d81bc2a6 (git)
Linux	Linux	Affected: 4.10 Unaffected: 0 , < 4.10 (semver) Unaffected: 5.10.214 , ≤ 5.10.* (semver) Unaffected: 5.15.153 , ≤ 5.15.* (semver) Unaffected: 6.1.83 , ≤ 6.1.* (semver) Unaffected: 6.6.23 , ≤ 6.6.* (semver) Unaffected: 6.7.11 , ≤ 6.7.* (semver) Unaffected: 6.8.2 , ≤ 6.8.* (semver) Unaffected: 6.9 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-27051",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-28T16:15:35.545255Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:47:03.499Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T00:21:05.886Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9127599c075caff234359950117018a010dd01db"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d951cf510fb0df91d3abac0121a59ebbc63c0567"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e72160cb6e23b78b41999d6885a34ce8db536095"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b25b64a241d769e932a022e5c780cf135ef56035"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/74b84d0d71180330efe67c82f973a87f828323e5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e6e3e51ffba0784782b1a076d7441605697ea3c6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f661017e6d326ee187db24194cabb013d81bc2a6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/cpufreq/brcmstb-avs-cpufreq.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "9127599c075caff234359950117018a010dd01db",
              "status": "affected",
              "version": "de322e085995b9417582d6f72229dadb5c09d163",
              "versionType": "git"
            },
            {
              "lessThan": "d951cf510fb0df91d3abac0121a59ebbc63c0567",
              "status": "affected",
              "version": "de322e085995b9417582d6f72229dadb5c09d163",
              "versionType": "git"
            },
            {
              "lessThan": "e72160cb6e23b78b41999d6885a34ce8db536095",
              "status": "affected",
              "version": "de322e085995b9417582d6f72229dadb5c09d163",
              "versionType": "git"
            },
            {
              "lessThan": "b25b64a241d769e932a022e5c780cf135ef56035",
              "status": "affected",
              "version": "de322e085995b9417582d6f72229dadb5c09d163",
              "versionType": "git"
            },
            {
              "lessThan": "74b84d0d71180330efe67c82f973a87f828323e5",
              "status": "affected",
              "version": "de322e085995b9417582d6f72229dadb5c09d163",
              "versionType": "git"
            },
            {
              "lessThan": "e6e3e51ffba0784782b1a076d7441605697ea3c6",
              "status": "affected",
              "version": "de322e085995b9417582d6f72229dadb5c09d163",
              "versionType": "git"
            },
            {
              "lessThan": "f661017e6d326ee187db24194cabb013d81bc2a6",
              "status": "affected",
              "version": "de322e085995b9417582d6f72229dadb5c09d163",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/cpufreq/brcmstb-avs-cpufreq.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.10"
            },
            {
              "lessThan": "4.10",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.214",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.153",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.83",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.23",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.7.*",
              "status": "unaffected",
              "version": "6.7.11",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.8.*",
              "status": "unaffected",
              "version": "6.8.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.9",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.214",
                  "versionStartIncluding": "4.10",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.153",
                  "versionStartIncluding": "4.10",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.83",
                  "versionStartIncluding": "4.10",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.23",
                  "versionStartIncluding": "4.10",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.7.11",
                  "versionStartIncluding": "4.10",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.8.2",
                  "versionStartIncluding": "4.10",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.9",
                  "versionStartIncluding": "4.10",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get\u0027s return value\n\ncpufreq_cpu_get may return NULL. To avoid NULL-dereference check it\nand return 0 in case of error.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-11T20:09:27.505Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/9127599c075caff234359950117018a010dd01db"
        },
        {
          "url": "https://git.kernel.org/stable/c/d951cf510fb0df91d3abac0121a59ebbc63c0567"
        },
        {
          "url": "https://git.kernel.org/stable/c/e72160cb6e23b78b41999d6885a34ce8db536095"
        },
        {
          "url": "https://git.kernel.org/stable/c/b25b64a241d769e932a022e5c780cf135ef56035"
        },
        {
          "url": "https://git.kernel.org/stable/c/74b84d0d71180330efe67c82f973a87f828323e5"
        },
        {
          "url": "https://git.kernel.org/stable/c/e6e3e51ffba0784782b1a076d7441605697ea3c6"
        },
        {
          "url": "https://git.kernel.org/stable/c/f661017e6d326ee187db24194cabb013d81bc2a6"
        }
      ],
      "title": "cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get\u0027s return value",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-27051",
    "datePublished": "2024-05-01T12:54:39.024Z",
    "dateReserved": "2024-02-19T14:20:24.213Z",
    "dateUpdated": "2026-05-11T20:09:27.505Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-27052 (GCVE-0-2024-27052)

Vulnerability from cvelistv5 – Published: 2024-05-01 12:54 – Updated: 2026-05-12 11:51

Title

wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work

Summary

In the Linux kernel, the following vulnerability has been resolved: wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work The workqueue might still be running, when the driver is stopped. To avoid a use-after-free, call cancel_work_sync() in rtl8xxxu_stop().

Severity

7.4 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

SSVC

Exploitation: none Automatable: no Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

CWE-416 - Use After Free

Assigner

Linux

References

9 references

URL	Tags
https://git.kernel.org/stable/c/dddedfa3b29a63c2c…
https://git.kernel.org/stable/c/ac512507ac89c01ed…
https://git.kernel.org/stable/c/3518cea837de4d106…
https://git.kernel.org/stable/c/156012667b85ca730…
https://git.kernel.org/stable/c/7059cdb69f8e1a270…
https://git.kernel.org/stable/c/58fe3bbddfec10c6b…
https://git.kernel.org/stable/c/1213acb478a7181cd…
https://lists.debian.org/debian-lts-announce/2024…	x_transferred
https://cert-portal.siemens.com/productcert/html/…

Impacted products

5 products

Vendor	Product	Version
Linux	Linux	Affected: e542e66b7c2ee2adeefdbb7f259f2f60cadf2819 , < dddedfa3b29a63c2ca4336663806a6128b8545b4 (git) Affected: e542e66b7c2ee2adeefdbb7f259f2f60cadf2819 , < ac512507ac89c01ed6cd4ca53032f52cdb23ea59 (git) Affected: e542e66b7c2ee2adeefdbb7f259f2f60cadf2819 , < 3518cea837de4d106efa84ddac18a07b6de1384e (git) Affected: e542e66b7c2ee2adeefdbb7f259f2f60cadf2819 , < 156012667b85ca7305cb363790d3ae8519a6f41e (git) Affected: e542e66b7c2ee2adeefdbb7f259f2f60cadf2819 , < 7059cdb69f8e1a2707dd1e2f363348b507ed7707 (git) Affected: e542e66b7c2ee2adeefdbb7f259f2f60cadf2819 , < 58fe3bbddfec10c6b216096d8c0e517cd8463e3a (git) Affected: e542e66b7c2ee2adeefdbb7f259f2f60cadf2819 , < 1213acb478a7181cd73eeaf00db430f1e45b1361 (git)
Linux	Linux	Affected: 5.5 Unaffected: 0 , < 5.5 (semver) Unaffected: 5.10.214 , ≤ 5.10.* (semver) Unaffected: 5.15.153 , ≤ 5.15.* (semver) Unaffected: 6.1.83 , ≤ 6.1.* (semver) Unaffected: 6.6.23 , ≤ 6.6.* (semver) Unaffected: 6.7.11 , ≤ 6.7.* (semver) Unaffected: 6.8.2 , ≤ 6.8.* (semver) Unaffected: 6.9 , ≤ * (original_commit_for_fix)
linux	linux_kernel	Affected: 5.5 cpe:2.3:o:linux:linux_kernel:5.5:::::::*
linux	linux_kernel	Affected: e542e66b7c2e , < 58fe3bbddfec (custom) cpe:2.3:o:linux:linux_kernel:-:::::::*
Siemens	SIMATIC S7-1500 TM MFP - GNU/Linux subsystem	Affected: 0 , < * (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:5.5:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "affected",
                "version": "5.5"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "58fe3bbddfec",
                "status": "affected",
                "version": "e542e66b7c2e",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "HIGH",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.4,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-27052",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-13T15:54:30.303932Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-416",
                "description": "CWE-416 Use After Free",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:46:59.357Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T00:21:05.987Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/dddedfa3b29a63c2ca4336663806a6128b8545b4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ac512507ac89c01ed6cd4ca53032f52cdb23ea59"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3518cea837de4d106efa84ddac18a07b6de1384e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/156012667b85ca7305cb363790d3ae8519a6f41e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7059cdb69f8e1a2707dd1e2f363348b507ed7707"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/58fe3bbddfec10c6b216096d8c0e517cd8463e3a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1213acb478a7181cd73eeaf00db430f1e45b1361"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "defaultStatus": "unknown",
            "product": "SIMATIC S7-1500 TM MFP - GNU/Linux subsystem",
            "vendor": "Siemens",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-12T11:51:18.072Z",
          "orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
          "shortName": "siemens-SADP"
        },
        "references": [
          {
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html"
          }
        ],
        "x_adpType": "supplier"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "dddedfa3b29a63c2ca4336663806a6128b8545b4",
              "status": "affected",
              "version": "e542e66b7c2ee2adeefdbb7f259f2f60cadf2819",
              "versionType": "git"
            },
            {
              "lessThan": "ac512507ac89c01ed6cd4ca53032f52cdb23ea59",
              "status": "affected",
              "version": "e542e66b7c2ee2adeefdbb7f259f2f60cadf2819",
              "versionType": "git"
            },
            {
              "lessThan": "3518cea837de4d106efa84ddac18a07b6de1384e",
              "status": "affected",
              "version": "e542e66b7c2ee2adeefdbb7f259f2f60cadf2819",
              "versionType": "git"
            },
            {
              "lessThan": "156012667b85ca7305cb363790d3ae8519a6f41e",
              "status": "affected",
              "version": "e542e66b7c2ee2adeefdbb7f259f2f60cadf2819",
              "versionType": "git"
            },
            {
              "lessThan": "7059cdb69f8e1a2707dd1e2f363348b507ed7707",
              "status": "affected",
              "version": "e542e66b7c2ee2adeefdbb7f259f2f60cadf2819",
              "versionType": "git"
            },
            {
              "lessThan": "58fe3bbddfec10c6b216096d8c0e517cd8463e3a",
              "status": "affected",
              "version": "e542e66b7c2ee2adeefdbb7f259f2f60cadf2819",
              "versionType": "git"
            },
            {
              "lessThan": "1213acb478a7181cd73eeaf00db430f1e45b1361",
              "status": "affected",
              "version": "e542e66b7c2ee2adeefdbb7f259f2f60cadf2819",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.5"
            },
            {
              "lessThan": "5.5",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.214",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.153",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.83",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.23",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.7.*",
              "status": "unaffected",
              "version": "6.7.11",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.8.*",
              "status": "unaffected",
              "version": "6.8.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.9",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.214",
                  "versionStartIncluding": "5.5",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.153",
                  "versionStartIncluding": "5.5",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.83",
                  "versionStartIncluding": "5.5",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.23",
                  "versionStartIncluding": "5.5",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.7.11",
                  "versionStartIncluding": "5.5",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.8.2",
                  "versionStartIncluding": "5.5",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.9",
                  "versionStartIncluding": "5.5",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work\n\nThe workqueue might still be running, when the driver is stopped. To\navoid a use-after-free, call cancel_work_sync() in rtl8xxxu_stop()."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-11T20:09:28.647Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/dddedfa3b29a63c2ca4336663806a6128b8545b4"
        },
        {
          "url": "https://git.kernel.org/stable/c/ac512507ac89c01ed6cd4ca53032f52cdb23ea59"
        },
        {
          "url": "https://git.kernel.org/stable/c/3518cea837de4d106efa84ddac18a07b6de1384e"
        },
        {
          "url": "https://git.kernel.org/stable/c/156012667b85ca7305cb363790d3ae8519a6f41e"
        },
        {
          "url": "https://git.kernel.org/stable/c/7059cdb69f8e1a2707dd1e2f363348b507ed7707"
        },
        {
          "url": "https://git.kernel.org/stable/c/58fe3bbddfec10c6b216096d8c0e517cd8463e3a"
        },
        {
          "url": "https://git.kernel.org/stable/c/1213acb478a7181cd73eeaf00db430f1e45b1361"
        }
      ],
      "title": "wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-27052",
    "datePublished": "2024-05-01T12:54:42.547Z",
    "dateReserved": "2024-02-19T14:20:24.214Z",
    "dateUpdated": "2026-05-12T11:51:18.072Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-27053 (GCVE-0-2024-27053)

Vulnerability from cvelistv5 – Published: 2024-05-01 12:54 – Updated: 2026-05-12 11:51

Title

wifi: wilc1000: fix RCU usage in connect path

Summary

In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: fix RCU usage in connect path With lockdep enabled, calls to the connect function from cfg802.11 layer lead to the following warning: ============================= WARNING: suspicious RCU usage 6.7.0-rc1-wt+ #333 Not tainted ----------------------------- drivers/net/wireless/microchip/wilc1000/hif.c:386 suspicious rcu_dereference_check() usage! [...] stack backtrace: CPU: 0 PID: 100 Comm: wpa_supplicant Not tainted 6.7.0-rc1-wt+ #333 Hardware name: Atmel SAMA5 unwind_backtrace from show_stack+0x18/0x1c show_stack from dump_stack_lvl+0x34/0x48 dump_stack_lvl from wilc_parse_join_bss_param+0x7dc/0x7f4 wilc_parse_join_bss_param from connect+0x2c4/0x648 connect from cfg80211_connect+0x30c/0xb74 cfg80211_connect from nl80211_connect+0x860/0xa94 nl80211_connect from genl_rcv_msg+0x3fc/0x59c genl_rcv_msg from netlink_rcv_skb+0xd0/0x1f8 netlink_rcv_skb from genl_rcv+0x2c/0x3c genl_rcv from netlink_unicast+0x3b0/0x550 netlink_unicast from netlink_sendmsg+0x368/0x688 netlink_sendmsg from ____sys_sendmsg+0x190/0x430 ____sys_sendmsg from ___sys_sendmsg+0x110/0x158 ___sys_sendmsg from sys_sendmsg+0xe8/0x150 sys_sendmsg from ret_fast_syscall+0x0/0x1c This warning is emitted because in the connect path, when trying to parse target BSS parameters, we dereference a RCU pointer whithout being in RCU critical section. Fix RCU dereference usage by moving it to a RCU read critical section. To avoid wrapping the whole wilc_parse_join_bss_param under the critical section, just use the critical section to copy ies data

Severity

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

SSVC

Exploitation: none Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-476 - NULL Pointer Dereference

Assigner

Linux

References

10 references

URL	Tags
https://git.kernel.org/stable/c/e556006de4ea93abe…
https://git.kernel.org/stable/c/b4bbf38c350acb650…
https://git.kernel.org/stable/c/d80fc436751cfa6b0…
https://git.kernel.org/stable/c/745003b5917b61035…
https://git.kernel.org/stable/c/4bfd20d5f5c62b549…
https://git.kernel.org/stable/c/5800ec78775c0cd64…
https://git.kernel.org/stable/c/dd50d3ead6e3707bb…
https://git.kernel.org/stable/c/205c50306acf58a33…
https://lists.debian.org/debian-lts-announce/2024…	x_transferred
https://cert-portal.siemens.com/productcert/html/…

Impacted products

21 products

Vendor	Product	Version
Linux	Linux	Affected: c460495ee072fc01a9b1e8d72c179510418cafac , < e556006de4ea93abe2b46cba202a2556c544b8b2 (git) Affected: c460495ee072fc01a9b1e8d72c179510418cafac , < b4bbf38c350acb6500cbe667b1e2e68f896e4b38 (git) Affected: c460495ee072fc01a9b1e8d72c179510418cafac , < d80fc436751cfa6b02a8eda74eb6cce7dadfe5a2 (git) Affected: c460495ee072fc01a9b1e8d72c179510418cafac , < 745003b5917b610352f52fe0d11ef658d6471ec2 (git) Affected: c460495ee072fc01a9b1e8d72c179510418cafac , < 4bfd20d5f5c62b5495d6c0016ee6933bd3add7ce (git) Affected: c460495ee072fc01a9b1e8d72c179510418cafac , < 5800ec78775c0cd646f71eb9bf8402fb794807de (git) Affected: c460495ee072fc01a9b1e8d72c179510418cafac , < dd50d3ead6e3707bb0a5df7cc832730c93ace3a7 (git) Affected: c460495ee072fc01a9b1e8d72c179510418cafac , < 205c50306acf58a335eb19fa84e40140f4fe814f (git)
Linux	Linux	Affected: 5.1 Unaffected: 0 , < 5.1 (semver) Unaffected: 5.4.273 , ≤ 5.4.* (semver) Unaffected: 5.10.214 , ≤ 5.10.* (semver) Unaffected: 5.15.153 , ≤ 5.15.* (semver) Unaffected: 6.1.83 , ≤ 6.1.* (semver) Unaffected: 6.6.23 , ≤ 6.6.* (semver) Unaffected: 6.7.11 , ≤ 6.7.* (semver) Unaffected: 6.8.2 , ≤ 6.8.* (semver) Unaffected: 6.9 , ≤ * (original_commit_for_fix)
linux	linux_kernel	Affected: c460495ee072 , < e556006de4ea (custom) cpe:2.3:o:linux:linux_kernel:-:::::::*
linux	linux_kernel	Affected: c460495ee072 , < b4bbf38c350a (custom) cpe:2.3:o:linux:linux_kernel:-:::::::*
linux	linux_kernel	Affected: c460495ee072 , < d80fc436751c (custom) cpe:2.3:o:linux:linux_kernel:-:::::::*
linux	linux_kernel	Affected: c460495ee072 , < 745003b5917b (custom) cpe:2.3:o:linux:linux_kernel:-:::::::*
linux	linux_kernel	Affected: c460495ee072 , < 4bfd20d5f5c (custom) cpe:2.3:o:linux:linux_kernel:-:::::::*
linux	linux_kernel	Affected: c460495ee072 , < 5800ec78775c (custom) cpe:2.3:o:linux:linux_kernel:-:::::::*
linux	linux_kernel	Affected: c460495ee072 , < dd50d3ead6e3 (custom) cpe:2.3:o:linux:linux_kernel:-:::::::*
linux	linux_kernel	Affected: c460495ee072 , < 205c50306acf (custom) cpe:2.3:o:linux:linux_kernel:-:::::::*
linux	linux_kernel	Unaffected: 5.4.273 , ≤ 5.5 (custom) cpe:2.3:o:linux:linux_kernel:-:::::::*
linux	linux_kernel	Unaffected: 5.15.153 , ≤ 5.16 (custom) cpe:2.3:o:linux:linux_kernel:-:::::::*
linux	linux_kernel	Unaffected: 6.1.83 , ≤ 6.2 (custom) cpe:2.3:o:linux:linux_kernel:-:::::::*
linux	linux_kernel	Unaffected: 6.6.23 , ≤ 6.7 (custom) cpe:2.3:o:linux:linux_kernel:-:::::::*
linux	linux_kernel	Unaffected: 6.7.11 , ≤ 6.8 (custom) cpe:2.3:o:linux:linux_kernel:-:::::::*
linux	linux_kernel	Unaffected: 6.9 cpe:2.3:o:linux:linux_kernel:-:::::::*
linux	linux_kernel	Unaffected: 0 , < 5.1 (custom) cpe:2.3:o:linux:linux_kernel:-:::::::*
linux	linux_kernel	Affected: 5.1 cpe:2.3:o:linux:linux_kernel:5.1:::::::*
linux	linux_kernel	Unaffected: 5.10.214 , ≤ 5.11 (custom) cpe:2.3:o:linux:linux_kernel:-:::::::*
linux	linux_kernel	Unaffected: 6.8.2 , ≤ 6.9 (custom) cpe:2.3:o:linux:linux_kernel:-:::::::*
Siemens	SIMATIC S7-1500 TM MFP - GNU/Linux subsystem	Affected: 0 , < * (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "e556006de4ea",
                "status": "affected",
                "version": "c460495ee072",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "b4bbf38c350a",
                "status": "affected",
                "version": "c460495ee072",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "d80fc436751c",
                "status": "affected",
                "version": "c460495ee072",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "745003b5917b",
                "status": "affected",
                "version": "c460495ee072",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "4bfd20d5f5c",
                "status": "affected",
                "version": "c460495ee072",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "5800ec78775c",
                "status": "affected",
                "version": "c460495ee072",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "dd50d3ead6e3",
                "status": "affected",
                "version": "c460495ee072",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "205c50306acf",
                "status": "affected",
                "version": "c460495ee072",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThanOrEqual": "5.5",
                "status": "unaffected",
                "version": "5.4.273",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThanOrEqual": "5.16",
                "status": "unaffected",
                "version": "5.15.153",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThanOrEqual": "6.2",
                "status": "unaffected",
                "version": "6.1.83",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThanOrEqual": "6.7",
                "status": "unaffected",
                "version": "6.6.23",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThanOrEqual": "6.8",
                "status": "unaffected",
                "version": "6.7.11",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "6.9"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "5.1",
                "status": "unaffected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:5.1:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "affected",
                "version": "5.1"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThanOrEqual": "5.11",
                "status": "unaffected",
                "version": "5.10.214",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThanOrEqual": "6.9",
                "status": "unaffected",
                "version": "6.8.2",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.1,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-27053",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-05T20:53:59.281892Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-476",
                "description": "CWE-476 NULL Pointer Dereference",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-05T20:56:44.439Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T00:21:05.869Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e556006de4ea93abe2b46cba202a2556c544b8b2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b4bbf38c350acb6500cbe667b1e2e68f896e4b38"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d80fc436751cfa6b02a8eda74eb6cce7dadfe5a2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/745003b5917b610352f52fe0d11ef658d6471ec2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4bfd20d5f5c62b5495d6c0016ee6933bd3add7ce"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5800ec78775c0cd646f71eb9bf8402fb794807de"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/dd50d3ead6e3707bb0a5df7cc832730c93ace3a7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/205c50306acf58a335eb19fa84e40140f4fe814f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "defaultStatus": "unknown",
            "product": "SIMATIC S7-1500 TM MFP - GNU/Linux subsystem",
            "vendor": "Siemens",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-12T11:51:19.382Z",
          "orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
          "shortName": "siemens-SADP"
        },
        "references": [
          {
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html"
          }
        ],
        "x_adpType": "supplier"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/wireless/microchip/wilc1000/hif.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "e556006de4ea93abe2b46cba202a2556c544b8b2",
              "status": "affected",
              "version": "c460495ee072fc01a9b1e8d72c179510418cafac",
              "versionType": "git"
            },
            {
              "lessThan": "b4bbf38c350acb6500cbe667b1e2e68f896e4b38",
              "status": "affected",
              "version": "c460495ee072fc01a9b1e8d72c179510418cafac",
              "versionType": "git"
            },
            {
              "lessThan": "d80fc436751cfa6b02a8eda74eb6cce7dadfe5a2",
              "status": "affected",
              "version": "c460495ee072fc01a9b1e8d72c179510418cafac",
              "versionType": "git"
            },
            {
              "lessThan": "745003b5917b610352f52fe0d11ef658d6471ec2",
              "status": "affected",
              "version": "c460495ee072fc01a9b1e8d72c179510418cafac",
              "versionType": "git"
            },
            {
              "lessThan": "4bfd20d5f5c62b5495d6c0016ee6933bd3add7ce",
              "status": "affected",
              "version": "c460495ee072fc01a9b1e8d72c179510418cafac",
              "versionType": "git"
            },
            {
              "lessThan": "5800ec78775c0cd646f71eb9bf8402fb794807de",
              "status": "affected",
              "version": "c460495ee072fc01a9b1e8d72c179510418cafac",
              "versionType": "git"
            },
            {
              "lessThan": "dd50d3ead6e3707bb0a5df7cc832730c93ace3a7",
              "status": "affected",
              "version": "c460495ee072fc01a9b1e8d72c179510418cafac",
              "versionType": "git"
            },
            {
              "lessThan": "205c50306acf58a335eb19fa84e40140f4fe814f",
              "status": "affected",
              "version": "c460495ee072fc01a9b1e8d72c179510418cafac",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/wireless/microchip/wilc1000/hif.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.1"
            },
            {
              "lessThan": "5.1",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.273",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.214",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.153",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.83",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.23",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.7.*",
              "status": "unaffected",
              "version": "6.7.11",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.8.*",
              "status": "unaffected",
              "version": "6.8.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.9",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.273",
                  "versionStartIncluding": "5.1",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.214",
                  "versionStartIncluding": "5.1",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.153",
                  "versionStartIncluding": "5.1",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.83",
                  "versionStartIncluding": "5.1",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.23",
                  "versionStartIncluding": "5.1",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.7.11",
                  "versionStartIncluding": "5.1",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.8.2",
                  "versionStartIncluding": "5.1",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.9",
                  "versionStartIncluding": "5.1",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wilc1000: fix RCU usage in connect path\n\nWith lockdep enabled, calls to the connect function from cfg802.11 layer\nlead to the following warning:\n\n=============================\nWARNING: suspicious RCU usage\n6.7.0-rc1-wt+ #333 Not tainted\n-----------------------------\ndrivers/net/wireless/microchip/wilc1000/hif.c:386\nsuspicious rcu_dereference_check() usage!\n[...]\nstack backtrace:\nCPU: 0 PID: 100 Comm: wpa_supplicant Not tainted 6.7.0-rc1-wt+ #333\nHardware name: Atmel SAMA5\n unwind_backtrace from show_stack+0x18/0x1c\n show_stack from dump_stack_lvl+0x34/0x48\n dump_stack_lvl from wilc_parse_join_bss_param+0x7dc/0x7f4\n wilc_parse_join_bss_param from connect+0x2c4/0x648\n connect from cfg80211_connect+0x30c/0xb74\n cfg80211_connect from nl80211_connect+0x860/0xa94\n nl80211_connect from genl_rcv_msg+0x3fc/0x59c\n genl_rcv_msg from netlink_rcv_skb+0xd0/0x1f8\n netlink_rcv_skb from genl_rcv+0x2c/0x3c\n genl_rcv from netlink_unicast+0x3b0/0x550\n netlink_unicast from netlink_sendmsg+0x368/0x688\n netlink_sendmsg from ____sys_sendmsg+0x190/0x430\n ____sys_sendmsg from ___sys_sendmsg+0x110/0x158\n ___sys_sendmsg from sys_sendmsg+0xe8/0x150\n sys_sendmsg from ret_fast_syscall+0x0/0x1c\n\nThis warning is emitted because in the connect path, when trying to parse\ntarget BSS parameters, we dereference a RCU pointer whithout being in RCU\ncritical section.\nFix RCU dereference usage by moving it to a RCU read critical section. To\navoid wrapping the whole wilc_parse_join_bss_param under the critical\nsection, just use the critical section to copy ies data"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-11T20:09:29.759Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/e556006de4ea93abe2b46cba202a2556c544b8b2"
        },
        {
          "url": "https://git.kernel.org/stable/c/b4bbf38c350acb6500cbe667b1e2e68f896e4b38"
        },
        {
          "url": "https://git.kernel.org/stable/c/d80fc436751cfa6b02a8eda74eb6cce7dadfe5a2"
        },
        {
          "url": "https://git.kernel.org/stable/c/745003b5917b610352f52fe0d11ef658d6471ec2"
        },
        {
          "url": "https://git.kernel.org/stable/c/4bfd20d5f5c62b5495d6c0016ee6933bd3add7ce"
        },
        {
          "url": "https://git.kernel.org/stable/c/5800ec78775c0cd646f71eb9bf8402fb794807de"
        },
        {
          "url": "https://git.kernel.org/stable/c/dd50d3ead6e3707bb0a5df7cc832730c93ace3a7"
        },
        {
          "url": "https://git.kernel.org/stable/c/205c50306acf58a335eb19fa84e40140f4fe814f"
        }
      ],
      "title": "wifi: wilc1000: fix RCU usage in connect path",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-27053",
    "datePublished": "2024-05-01T12:54:45.964Z",
    "dateReserved": "2024-02-19T14:20:24.214Z",
    "dateUpdated": "2026-05-12T11:51:19.382Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-27059 (GCVE-0-2024-27059)

Vulnerability from cvelistv5 – Published: 2024-05-01 13:00 – Updated: 2026-05-12 11:51

Title

USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command

Summary

In the Linux kernel, the following vulnerability has been resolved: USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command The isd200 sub-driver in usb-storage uses the HEADS and SECTORS values in the ATA ID information to calculate cylinder and head values when creating a CDB for READ or WRITE commands. The calculation involves division and modulus operations, which will cause a crash if either of these values is 0. While this never happens with a genuine device, it could happen with a flawed or subversive emulation, as reported by the syzbot fuzzer. Protect against this possibility by refusing to bind to the device if either the ATA_ID_HEADS or ATA_ID_SECTORS value in the device's ID information is 0. This requires isd200_Initialization() to return a negative error code when initialization fails; currently it always returns 0 (even when there is an error).

Severity

No CVSS data available.

SSVC

Exploitation: none Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

Assigner

Linux

References

11 references

URL	Tags
https://git.kernel.org/stable/c/9968c701cba7eda42…
https://git.kernel.org/stable/c/eb7b01ca778170654…
https://git.kernel.org/stable/c/284fb1003d5da1110…
https://git.kernel.org/stable/c/6c1f36d92c0a87995…
https://git.kernel.org/stable/c/f42ba916689f5c7b1…
https://git.kernel.org/stable/c/871fd7b10b56d2809…
https://git.kernel.org/stable/c/3a67d4ab9e730361d…
https://git.kernel.org/stable/c/014bcf41d946b36a8…
https://lists.debian.org/debian-lts-announce/2024…	x_transferred
https://lists.debian.org/debian-lts-announce/2024…	x_transferred
https://cert-portal.siemens.com/productcert/html/…

Impacted products

3 products

Vendor	Product	Version
Linux	Linux	Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < 9968c701cba7eda42e5f0052b040349d6222ae34 (git) Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < eb7b01ca778170654e1c76950024270ba74b121f (git) Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < 284fb1003d5da111019b9e0bf99b084fd71ac133 (git) Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < 6c1f36d92c0a8799569055012665d2bb066fb964 (git) Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < f42ba916689f5c7b1642092266d2f53cf527aaaa (git) Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < 871fd7b10b56d280990b7e754f43d888382ca325 (git) Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < 3a67d4ab9e730361d183086dfb0ddd8c61f01636 (git) Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < 014bcf41d946b36a8f0b8e9b5d9529efbb822f49 (git)
Linux	Linux	Affected: 2.6.12 Unaffected: 0 , < 2.6.12 (semver) Unaffected: 4.19.312 , ≤ 4.19.* (semver) Unaffected: 5.4.274 , ≤ 5.4.* (semver) Unaffected: 5.10.215 , ≤ 5.10.* (semver) Unaffected: 5.15.154 , ≤ 5.15.* (semver) Unaffected: 6.1.84 , ≤ 6.1.* (semver) Unaffected: 6.6.24 , ≤ 6.6.* (semver) Unaffected: 6.7.12 , ≤ 6.7.* (semver) Unaffected: 6.8 , ≤ * (original_commit_for_fix)
Siemens	SIMATIC S7-1500 TM MFP - GNU/Linux subsystem	Affected: 0 , < * (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-27059",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-09T18:38:40.955330Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:46:17.539Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T00:21:05.855Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9968c701cba7eda42e5f0052b040349d6222ae34"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/eb7b01ca778170654e1c76950024270ba74b121f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/284fb1003d5da111019b9e0bf99b084fd71ac133"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6c1f36d92c0a8799569055012665d2bb066fb964"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f42ba916689f5c7b1642092266d2f53cf527aaaa"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/871fd7b10b56d280990b7e754f43d888382ca325"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3a67d4ab9e730361d183086dfb0ddd8c61f01636"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/014bcf41d946b36a8f0b8e9b5d9529efbb822f49"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "defaultStatus": "unknown",
            "product": "SIMATIC S7-1500 TM MFP - GNU/Linux subsystem",
            "vendor": "Siemens",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-12T11:51:20.583Z",
          "orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
          "shortName": "siemens-SADP"
        },
        "references": [
          {
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html"
          }
        ],
        "x_adpType": "supplier"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/usb/storage/isd200.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "9968c701cba7eda42e5f0052b040349d6222ae34",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "eb7b01ca778170654e1c76950024270ba74b121f",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "284fb1003d5da111019b9e0bf99b084fd71ac133",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "6c1f36d92c0a8799569055012665d2bb066fb964",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "f42ba916689f5c7b1642092266d2f53cf527aaaa",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "871fd7b10b56d280990b7e754f43d888382ca325",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "3a67d4ab9e730361d183086dfb0ddd8c61f01636",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "014bcf41d946b36a8f0b8e9b5d9529efbb822f49",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/usb/storage/isd200.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.12"
            },
            {
              "lessThan": "2.6.12",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.312",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.274",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.215",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.154",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.84",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.24",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.7.*",
              "status": "unaffected",
              "version": "6.7.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.8",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.19.312",
                  "versionStartIncluding": "2.6.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.274",
                  "versionStartIncluding": "2.6.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.215",
                  "versionStartIncluding": "2.6.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.154",
                  "versionStartIncluding": "2.6.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.84",
                  "versionStartIncluding": "2.6.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.24",
                  "versionStartIncluding": "2.6.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.7.12",
                  "versionStartIncluding": "2.6.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.8",
                  "versionStartIncluding": "2.6.12",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: usb-storage: Prevent divide-by-0 error in isd200_ata_command\n\nThe isd200 sub-driver in usb-storage uses the HEADS and SECTORS values\nin the ATA ID information to calculate cylinder and head values when\ncreating a CDB for READ or WRITE commands.  The calculation involves\ndivision and modulus operations, which will cause a crash if either of\nthese values is 0.  While this never happens with a genuine device, it\ncould happen with a flawed or subversive emulation, as reported by the\nsyzbot fuzzer.\n\nProtect against this possibility by refusing to bind to the device if\neither the ATA_ID_HEADS or ATA_ID_SECTORS value in the device\u0027s ID\ninformation is 0.  This requires isd200_Initialization() to return a\nnegative error code when initialization fails; currently it always\nreturns 0 (even when there is an error)."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-11T20:09:35.527Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/9968c701cba7eda42e5f0052b040349d6222ae34"
        },
        {
          "url": "https://git.kernel.org/stable/c/eb7b01ca778170654e1c76950024270ba74b121f"
        },
        {
          "url": "https://git.kernel.org/stable/c/284fb1003d5da111019b9e0bf99b084fd71ac133"
        },
        {
          "url": "https://git.kernel.org/stable/c/6c1f36d92c0a8799569055012665d2bb066fb964"
        },
        {
          "url": "https://git.kernel.org/stable/c/f42ba916689f5c7b1642092266d2f53cf527aaaa"
        },
        {
          "url": "https://git.kernel.org/stable/c/871fd7b10b56d280990b7e754f43d888382ca325"
        },
        {
          "url": "https://git.kernel.org/stable/c/3a67d4ab9e730361d183086dfb0ddd8c61f01636"
        },
        {
          "url": "https://git.kernel.org/stable/c/014bcf41d946b36a8f0b8e9b5d9529efbb822f49"
        }
      ],
      "title": "USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-27059",
    "datePublished": "2024-05-01T13:00:10.571Z",
    "dateReserved": "2024-02-19T14:20:24.214Z",
    "dateUpdated": "2026-05-12T11:51:20.583Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-27065 (GCVE-0-2024-27065)

Vulnerability from cvelistv5 – Published: 2024-05-01 13:04 – Updated: 2026-05-23 15:41

Title

netfilter: nf_tables: do not compare internal table flags on updates

Summary

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: do not compare internal table flags on updates Restore skipping transaction if table update does not modify flags.

Severity

No CVSS data available.

SSVC

Exploitation: none Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

Assigner

Linux

References

12 references

URL	Tags
https://git.kernel.org/stable/c/845083249d6a392f3…
https://git.kernel.org/stable/c/2531f907d3e40a617…
https://git.kernel.org/stable/c/fcf32a5bfcb8a57ac…
https://git.kernel.org/stable/c/640dbf688ba955e83…
https://git.kernel.org/stable/c/9683cb6c2c6c0f455…
https://git.kernel.org/stable/c/4d37f12707ee965d3…
https://git.kernel.org/stable/c/3443e57654f90c9a8…
https://git.kernel.org/stable/c/df257c435e51651c4…
https://git.kernel.org/stable/c/4a0e7f2decbf9bd72…
https://lists.debian.org/debian-lts-announce/2024…	x_transferred
https://cert-portal.siemens.com/productcert/html/…
https://cert-portal.siemens.com/productcert/html/…

Impacted products

6 products

Vendor	Product	Version
Linux	Linux	Affected: bf8083bbf8fa202e6e5316bbd99759ab82bfe7a3 , < 845083249d6a392f3a88804e1669bdb936ee129f (git) Affected: e10f661adc556c4969c70ddaddf238bffdaf1e87 , < 2531f907d3e40a6173090f10670ae76d117ab27b (git) Affected: d9c4da8cb74e8ee6e58a064a3573aa37acf6c935 , < fcf32a5bfcb8a57ac0ce717fcfa4d688c91f1005 (git) Affected: 179d9ba5559a756f4322583388b3213fe4e391b0 , < 640dbf688ba955e83e03de84fbdda8e570b7cce4 (git) Affected: 179d9ba5559a756f4322583388b3213fe4e391b0 , < 9683cb6c2c6c0f45537bf0b8868b5d38fcb63fc7 (git) Affected: 179d9ba5559a756f4322583388b3213fe4e391b0 , < 4d37f12707ee965d338028732575f0b85f6d9e4f (git) Affected: 179d9ba5559a756f4322583388b3213fe4e391b0 , < 3443e57654f90c9a843ab6a6040c10709fd033aa (git) Affected: 179d9ba5559a756f4322583388b3213fe4e391b0 , < df257c435e51651c43b86326d112ddadda76350e (git) Affected: 179d9ba5559a756f4322583388b3213fe4e391b0 , < 4a0e7f2decbf9bd72461226f1f5f7dcc4b08f139 (git) Affected: 5.4.262 , < 5.4.273 (semver) Affected: 5.10.202 , < 5.10.214 (semver)
Linux	Linux	Affected: 5.13 Unaffected: 0 , < 5.13 (semver) Unaffected: 5.4.273 , ≤ 5.4.* (semver) Unaffected: 5.10.214 , ≤ 5.10.* (semver) Unaffected: 5.15.153 , ≤ 5.15.* (semver) Unaffected: 6.1.83 , ≤ 6.1.* (semver) Unaffected: 6.6.23 , ≤ 6.6.* (semver) Unaffected: 6.7.11 , ≤ 6.7.* (semver) Unaffected: 6.8.2 , ≤ 6.8.* (semver) Unaffected: 6.9 , ≤ * (original_commit_for_fix)
Siemens	SIMATIC S7-1500 TM MFP - GNU/Linux subsystem	Affected: 0 , < * (custom)
Siemens	SIMATIC S7-1500 CPU 1518-4 PN/DP MFP	Affected: V3.1.0 , < V3.1.5 (custom)
Siemens	SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP	Affected: V3.1.0 , < V3.1.5 (custom)
Siemens	SIPLUS S7-1500 CPU 1518-4 PN/DP MFP	Affected: V3.1.0 , < V3.1.5 (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-27065",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-13T19:23:19.271055Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-13T19:23:29.610Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T00:27:58.377Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/845083249d6a392f3a88804e1669bdb936ee129f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2531f907d3e40a6173090f10670ae76d117ab27b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/fcf32a5bfcb8a57ac0ce717fcfa4d688c91f1005"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/640dbf688ba955e83e03de84fbdda8e570b7cce4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9683cb6c2c6c0f45537bf0b8868b5d38fcb63fc7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4d37f12707ee965d338028732575f0b85f6d9e4f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3443e57654f90c9a843ab6a6040c10709fd033aa"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/df257c435e51651c43b86326d112ddadda76350e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4a0e7f2decbf9bd72461226f1f5f7dcc4b08f139"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "defaultStatus": "unknown",
            "product": "SIMATIC S7-1500 TM MFP - GNU/Linux subsystem",
            "vendor": "Siemens",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "defaultStatus": "unknown",
            "product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
            "vendor": "Siemens",
            "versions": [
              {
                "lessThan": "V3.1.5",
                "status": "affected",
                "version": "V3.1.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "defaultStatus": "unknown",
            "product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
            "vendor": "Siemens",
            "versions": [
              {
                "lessThan": "V3.1.5",
                "status": "affected",
                "version": "V3.1.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "defaultStatus": "unknown",
            "product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
            "vendor": "Siemens",
            "versions": [
              {
                "lessThan": "V3.1.5",
                "status": "affected",
                "version": "V3.1.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "defaultStatus": "unknown",
            "product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
            "vendor": "Siemens",
            "versions": [
              {
                "lessThan": "V3.1.5",
                "status": "affected",
                "version": "V3.1.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "defaultStatus": "unknown",
            "product": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP",
            "vendor": "Siemens",
            "versions": [
              {
                "lessThan": "V3.1.5",
                "status": "affected",
                "version": "V3.1.0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-12T11:51:27.106Z",
          "orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
          "shortName": "siemens-SADP"
        },
        "references": [
          {
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-398330.html"
          },
          {
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html"
          }
        ],
        "x_adpType": "supplier"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/netfilter/nf_tables_api.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "845083249d6a392f3a88804e1669bdb936ee129f",
              "status": "affected",
              "version": "bf8083bbf8fa202e6e5316bbd99759ab82bfe7a3",
              "versionType": "git"
            },
            {
              "lessThan": "2531f907d3e40a6173090f10670ae76d117ab27b",
              "status": "affected",
              "version": "e10f661adc556c4969c70ddaddf238bffdaf1e87",
              "versionType": "git"
            },
            {
              "lessThan": "fcf32a5bfcb8a57ac0ce717fcfa4d688c91f1005",
              "status": "affected",
              "version": "d9c4da8cb74e8ee6e58a064a3573aa37acf6c935",
              "versionType": "git"
            },
            {
              "lessThan": "640dbf688ba955e83e03de84fbdda8e570b7cce4",
              "status": "affected",
              "version": "179d9ba5559a756f4322583388b3213fe4e391b0",
              "versionType": "git"
            },
            {
              "lessThan": "9683cb6c2c6c0f45537bf0b8868b5d38fcb63fc7",
              "status": "affected",
              "version": "179d9ba5559a756f4322583388b3213fe4e391b0",
              "versionType": "git"
            },
            {
              "lessThan": "4d37f12707ee965d338028732575f0b85f6d9e4f",
              "status": "affected",
              "version": "179d9ba5559a756f4322583388b3213fe4e391b0",
              "versionType": "git"
            },
            {
              "lessThan": "3443e57654f90c9a843ab6a6040c10709fd033aa",
              "status": "affected",
              "version": "179d9ba5559a756f4322583388b3213fe4e391b0",
              "versionType": "git"
            },
            {
              "lessThan": "df257c435e51651c43b86326d112ddadda76350e",
              "status": "affected",
              "version": "179d9ba5559a756f4322583388b3213fe4e391b0",
              "versionType": "git"
            },
            {
              "lessThan": "4a0e7f2decbf9bd72461226f1f5f7dcc4b08f139",
              "status": "affected",
              "version": "179d9ba5559a756f4322583388b3213fe4e391b0",
              "versionType": "git"
            },
            {
              "lessThan": "5.4.273",
              "status": "affected",
              "version": "5.4.262",
              "versionType": "semver"
            },
            {
              "lessThan": "5.10.214",
              "status": "affected",
              "version": "5.10.202",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/netfilter/nf_tables_api.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.13"
            },
            {
              "lessThan": "5.13",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.273",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.214",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.153",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.83",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.23",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.7.*",
              "status": "unaffected",
              "version": "6.7.11",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.8.*",
              "status": "unaffected",
              "version": "6.8.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.9",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.273",
                  "versionStartIncluding": "5.4.262",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.214",
                  "versionStartIncluding": "5.10.202",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.153",
                  "versionStartIncluding": "5.13",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.83",
                  "versionStartIncluding": "5.13",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.23",
                  "versionStartIncluding": "5.13",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.7.11",
                  "versionStartIncluding": "5.13",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.8.2",
                  "versionStartIncluding": "5.13",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.9",
                  "versionStartIncluding": "5.13",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: do not compare internal table flags on updates\n\nRestore skipping transaction if table update does not modify flags."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-23T15:41:43.146Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/845083249d6a392f3a88804e1669bdb936ee129f"
        },
        {
          "url": "https://git.kernel.org/stable/c/2531f907d3e40a6173090f10670ae76d117ab27b"
        },
        {
          "url": "https://git.kernel.org/stable/c/fcf32a5bfcb8a57ac0ce717fcfa4d688c91f1005"
        },
        {
          "url": "https://git.kernel.org/stable/c/640dbf688ba955e83e03de84fbdda8e570b7cce4"
        },
        {
          "url": "https://git.kernel.org/stable/c/9683cb6c2c6c0f45537bf0b8868b5d38fcb63fc7"
        },
        {
          "url": "https://git.kernel.org/stable/c/4d37f12707ee965d338028732575f0b85f6d9e4f"
        },
        {
          "url": "https://git.kernel.org/stable/c/3443e57654f90c9a843ab6a6040c10709fd033aa"
        },
        {
          "url": "https://git.kernel.org/stable/c/df257c435e51651c43b86326d112ddadda76350e"
        },
        {
          "url": "https://git.kernel.org/stable/c/4a0e7f2decbf9bd72461226f1f5f7dcc4b08f139"
        }
      ],
      "title": "netfilter: nf_tables: do not compare internal table flags on updates",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-27065",
    "datePublished": "2024-05-01T13:04:09.106Z",
    "dateReserved": "2024-02-19T14:20:24.215Z",
    "dateUpdated": "2026-05-23T15:41:43.146Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CERTFR-2024-AVI-0381

Solution

CVE-2024-27043 (GCVE-0-2024-27043)

CVE-2024-27044 (GCVE-0-2024-27044)

CVE-2024-27045 (GCVE-0-2024-27045)

CVE-2024-27046 (GCVE-0-2024-27046)

CVE-2024-27047 (GCVE-0-2024-27047)

CVE-2024-27051 (GCVE-0-2024-27051)

CVE-2024-27052 (GCVE-0-2024-27052)

CVE-2024-27053 (GCVE-0-2024-27053)

CVE-2024-27059 (GCVE-0-2024-27059)

CVE-2024-27065 (GCVE-0-2024-27065)

Tags

Sightings

Nomenclature