Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2024-AVI-0716
Vulnerability from certfr_avis - Published: 2024-08-23 - Updated: 2024-08-23
De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Ubuntu 16.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 24.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 18.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 20.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 14.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 22.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-35976",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35976"
},
{
"name": "CVE-2024-36965",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36965"
},
{
"name": "CVE-2024-26886",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26886"
},
{
"name": "CVE-2024-36889",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36889"
},
{
"name": "CVE-2024-38627",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38627"
},
{
"name": "CVE-2024-38599",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38599"
},
{
"name": "CVE-2024-37353",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37353"
},
{
"name": "CVE-2024-36957",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36957"
},
{
"name": "CVE-2024-26654",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26654"
},
{
"name": "CVE-2024-36939",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36939"
},
{
"name": "CVE-2024-36904",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36904"
},
{
"name": "CVE-2024-38583",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38583"
},
{
"name": "CVE-2024-36931",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36931"
},
{
"name": "CVE-2023-52760",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52760"
},
{
"name": "CVE-2024-26585",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26585"
},
{
"name": "CVE-2024-36967",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36967"
},
{
"name": "CVE-2024-26830",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26830"
},
{
"name": "CVE-2022-48772",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48772"
},
{
"name": "CVE-2024-37356",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37356"
},
{
"name": "CVE-2024-38659",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38659"
},
{
"name": "CVE-2024-36886",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36886"
},
{
"name": "CVE-2024-39484",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39484"
},
{
"name": "CVE-2024-26600",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26600"
},
{
"name": "CVE-2024-36959",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36959"
},
{
"name": "CVE-2021-46904",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46904"
},
{
"name": "CVE-2024-38601",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38601"
},
{
"name": "CVE-2024-38596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38596"
},
{
"name": "CVE-2024-36929",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36929"
},
{
"name": "CVE-2024-36883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36883"
},
{
"name": "CVE-2021-46926",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46926"
},
{
"name": "CVE-2024-26903",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26903"
},
{
"name": "CVE-2024-39480",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39480"
},
{
"name": "CVE-2024-26921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26921"
},
{
"name": "CVE-2024-36944",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36944"
},
{
"name": "CVE-2024-39488",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39488"
},
{
"name": "CVE-2024-36031",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36031"
},
{
"name": "CVE-2024-36946",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36946"
},
{
"name": "CVE-2024-36934",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36934"
},
{
"name": "CVE-2024-36937",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36937"
},
{
"name": "CVE-2023-52585",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52585"
},
{
"name": "CVE-2024-38600",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38600"
},
{
"name": "CVE-2024-27398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27398"
},
{
"name": "CVE-2023-52629",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52629"
},
{
"name": "CVE-2024-36975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36975"
},
{
"name": "CVE-2024-38560",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38560"
},
{
"name": "CVE-2024-36952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36952"
},
{
"name": "CVE-2024-38578",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38578"
},
{
"name": "CVE-2021-47131",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47131"
},
{
"name": "CVE-2024-36017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36017"
},
{
"name": "CVE-2024-26679",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26679"
},
{
"name": "CVE-2024-38582",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38582"
},
{
"name": "CVE-2024-36938",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36938"
},
{
"name": "CVE-2024-36928",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36928"
},
{
"name": "CVE-2024-38558",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38558"
},
{
"name": "CVE-2024-38613",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38613"
},
{
"name": "CVE-2024-36960",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36960"
},
{
"name": "CVE-2024-27401",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27401"
},
{
"name": "CVE-2024-36286",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36286"
},
{
"name": "CVE-2024-36906",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36906"
},
{
"name": "CVE-2024-26900",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26900"
},
{
"name": "CVE-2024-35955",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35955"
},
{
"name": "CVE-2024-36905",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36905"
},
{
"name": "CVE-2024-26929",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26929"
},
{
"name": "CVE-2024-38565",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38565"
},
{
"name": "CVE-2024-38612",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38612"
},
{
"name": "CVE-2024-39301",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39301"
},
{
"name": "CVE-2024-39467",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39467"
},
{
"name": "CVE-2024-27399",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27399"
},
{
"name": "CVE-2024-36270",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36270"
},
{
"name": "CVE-2024-36955",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36955"
},
{
"name": "CVE-2024-33621",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33621"
},
{
"name": "CVE-2024-35947",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35947"
},
{
"name": "CVE-2024-39475",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39475"
},
{
"name": "CVE-2024-26583",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26583"
},
{
"name": "CVE-2024-26680",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26680"
},
{
"name": "CVE-2024-24860",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24860"
},
{
"name": "CVE-2022-48674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48674"
},
{
"name": "CVE-2024-39489",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39489"
},
{
"name": "CVE-2024-38634",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38634"
},
{
"name": "CVE-2024-31076",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-31076"
},
{
"name": "CVE-2021-37159",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37159"
},
{
"name": "CVE-2024-36901",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36901"
},
{
"name": "CVE-2023-52882",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52882"
},
{
"name": "CVE-2023-52470",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52470"
},
{
"name": "CVE-2024-36971",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36971"
},
{
"name": "CVE-2024-26584",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26584"
},
{
"name": "CVE-2024-38633",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38633"
},
{
"name": "CVE-2024-35848",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35848"
},
{
"name": "CVE-2022-48655",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48655"
},
{
"name": "CVE-2024-36941",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36941"
},
{
"name": "CVE-2024-36902",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36902"
},
{
"name": "CVE-2024-36014",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36014"
},
{
"name": "CVE-2024-35835",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35835"
},
{
"name": "CVE-2024-36015",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36015"
},
{
"name": "CVE-2024-39471",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39471"
},
{
"name": "CVE-2023-52434",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52434"
},
{
"name": "CVE-2024-36919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36919"
},
{
"name": "CVE-2024-38549",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38549"
},
{
"name": "CVE-2024-36969",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36969"
},
{
"name": "CVE-2023-52752",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52752"
},
{
"name": "CVE-2024-38780",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38780"
},
{
"name": "CVE-2024-26980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26980"
},
{
"name": "CVE-2024-22099",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22099"
},
{
"name": "CVE-2024-38567",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38567"
},
{
"name": "CVE-2024-27019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27019"
},
{
"name": "CVE-2024-36950",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36950"
},
{
"name": "CVE-2023-52806",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52806"
},
{
"name": "CVE-2024-36947",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36947"
},
{
"name": "CVE-2024-36880",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36880"
},
{
"name": "CVE-2024-26687",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26687"
},
{
"name": "CVE-2024-38637",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38637"
},
{
"name": "CVE-2024-38635",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38635"
},
{
"name": "CVE-2024-36016",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36016"
},
{
"name": "CVE-2024-36964",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36964"
},
{
"name": "CVE-2024-38618",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38618"
},
{
"name": "CVE-2024-39276",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39276"
},
{
"name": "CVE-2024-36940",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36940"
},
{
"name": "CVE-2023-52644",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52644"
},
{
"name": "CVE-2024-38589",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38589"
},
{
"name": "CVE-2024-38598",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38598"
},
{
"name": "CVE-2024-38381",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38381"
},
{
"name": "CVE-2024-38661",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38661"
},
{
"name": "CVE-2024-39493",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39493"
},
{
"name": "CVE-2024-38559",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38559"
},
{
"name": "CVE-2024-38621",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38621"
},
{
"name": "CVE-2024-36916",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36916"
},
{
"name": "CVE-2024-26936",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26936"
},
{
"name": "CVE-2024-38579",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38579"
},
{
"name": "CVE-2024-39292",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39292"
},
{
"name": "CVE-2024-38607",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38607"
},
{
"name": "CVE-2024-38587",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38587"
},
{
"name": "CVE-2024-36954",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36954"
},
{
"name": "CVE-2024-36933",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36933"
},
{
"name": "CVE-2024-36953",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36953"
},
{
"name": "CVE-2024-38552",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38552"
},
{
"name": "CVE-2024-38615",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38615"
},
{
"name": "CVE-2024-26907",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26907"
}
],
"initial_release_date": "2024-08-23T00:00:00",
"last_revision_date": "2024-08-23T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0716",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-08-23T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux d\u0027Ubuntu. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
"vendor_advisories": [
{
"published_at": "2024-08-19",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6951-3",
"url": "https://ubuntu.com/security/notices/USN-6951-3"
},
{
"published_at": "2024-08-21",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6974-1",
"url": "https://ubuntu.com/security/notices/USN-6974-1"
},
{
"published_at": "2024-08-21",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6971-1",
"url": "https://ubuntu.com/security/notices/USN-6971-1"
},
{
"published_at": "2024-08-21",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6972-1",
"url": "https://ubuntu.com/security/notices/USN-6972-1"
},
{
"published_at": "2024-08-21",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6951-4",
"url": "https://ubuntu.com/security/notices/USN-6951-4"
},
{
"published_at": "2024-08-21",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6975-1",
"url": "https://ubuntu.com/security/notices/USN-6975-1"
},
{
"published_at": "2024-08-22",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6972-2",
"url": "https://ubuntu.com/security/notices/USN-6972-2"
},
{
"published_at": "2024-08-21",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6950-4",
"url": "https://ubuntu.com/security/notices/USN-6950-4"
},
{
"published_at": "2024-08-22",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6979-1",
"url": "https://ubuntu.com/security/notices/USN-6979-1"
},
{
"published_at": "2024-08-21",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6973-1",
"url": "https://ubuntu.com/security/notices/USN-6973-1"
}
]
}
CVE-2024-39471 (GCVE-0-2024-39471)
Vulnerability from cvelistv5 – Published: 2024-06-25 14:28 – Updated: 2026-05-11 20:21
VLAI
EPSS
Title
drm/amdgpu: add error handle to avoid out-of-bounds
Summary
In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu: add error handle to avoid out-of-bounds
if the sdma_v4_0_irq_id_to_seq return -EINVAL, the process should
be stop to avoid out-of-bounds read, so directly return -EINVAL.
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
7 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
7d0e6329dfdcfe48311f8888d6a8dfa73bee00a9 , < 5594971e02764aa1c8210ffb838cb4e7897716e8
(git)
Affected: 7d0e6329dfdcfe48311f8888d6a8dfa73bee00a9 , < 8112fa72b7f139052843ff484130d6f97e9f052f (git) Affected: 7d0e6329dfdcfe48311f8888d6a8dfa73bee00a9 , < ea906e9ac61e3152bef63597f2d9f4a812fc346a (git) Affected: 7d0e6329dfdcfe48311f8888d6a8dfa73bee00a9 , < 011552f29f20842c9a7a21bffe1f6a2d6457ba46 (git) Affected: 7d0e6329dfdcfe48311f8888d6a8dfa73bee00a9 , < 5b0a3dc3e87821acb80e841b464d335aff242691 (git) Affected: 7d0e6329dfdcfe48311f8888d6a8dfa73bee00a9 , < 0964c84b93db7fbf74f357c1e20957850e092db3 (git) Affected: 7d0e6329dfdcfe48311f8888d6a8dfa73bee00a9 , < 8b2faf1a4f3b6c748c0da36cda865a226534d520 (git) |
|
| Linux | Linux |
Affected:
5.4
Unaffected: 0 , < 5.4 (semver) Unaffected: 5.4.278 , ≤ 5.4.* (semver) Unaffected: 5.10.219 , ≤ 5.10.* (semver) Unaffected: 5.15.161 , ≤ 5.15.* (semver) Unaffected: 6.1.94 , ≤ 6.1.* (semver) Unaffected: 6.6.34 , ≤ 6.6.* (semver) Unaffected: 6.9.5 , ≤ 6.9.* (semver) Unaffected: 6.10 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:26:15.268Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5594971e02764aa1c8210ffb838cb4e7897716e8"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8112fa72b7f139052843ff484130d6f97e9f052f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ea906e9ac61e3152bef63597f2d9f4a812fc346a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/011552f29f20842c9a7a21bffe1f6a2d6457ba46"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5b0a3dc3e87821acb80e841b464d335aff242691"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0964c84b93db7fbf74f357c1e20957850e092db3"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8b2faf1a4f3b6c748c0da36cda865a226534d520"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39471",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:07:48.948392Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:41.543Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/amd/amdgpu/sdma_v4_0.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "5594971e02764aa1c8210ffb838cb4e7897716e8",
"status": "affected",
"version": "7d0e6329dfdcfe48311f8888d6a8dfa73bee00a9",
"versionType": "git"
},
{
"lessThan": "8112fa72b7f139052843ff484130d6f97e9f052f",
"status": "affected",
"version": "7d0e6329dfdcfe48311f8888d6a8dfa73bee00a9",
"versionType": "git"
},
{
"lessThan": "ea906e9ac61e3152bef63597f2d9f4a812fc346a",
"status": "affected",
"version": "7d0e6329dfdcfe48311f8888d6a8dfa73bee00a9",
"versionType": "git"
},
{
"lessThan": "011552f29f20842c9a7a21bffe1f6a2d6457ba46",
"status": "affected",
"version": "7d0e6329dfdcfe48311f8888d6a8dfa73bee00a9",
"versionType": "git"
},
{
"lessThan": "5b0a3dc3e87821acb80e841b464d335aff242691",
"status": "affected",
"version": "7d0e6329dfdcfe48311f8888d6a8dfa73bee00a9",
"versionType": "git"
},
{
"lessThan": "0964c84b93db7fbf74f357c1e20957850e092db3",
"status": "affected",
"version": "7d0e6329dfdcfe48311f8888d6a8dfa73bee00a9",
"versionType": "git"
},
{
"lessThan": "8b2faf1a4f3b6c748c0da36cda865a226534d520",
"status": "affected",
"version": "7d0e6329dfdcfe48311f8888d6a8dfa73bee00a9",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/amd/amdgpu/sdma_v4_0.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.4"
},
{
"lessThan": "5.4",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.278",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.219",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.94",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.34",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.5",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.278",
"versionStartIncluding": "5.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.219",
"versionStartIncluding": "5.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.161",
"versionStartIncluding": "5.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.94",
"versionStartIncluding": "5.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.34",
"versionStartIncluding": "5.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9.5",
"versionStartIncluding": "5.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.10",
"versionStartIncluding": "5.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: add error handle to avoid out-of-bounds\n\nif the sdma_v4_0_irq_id_to_seq return -EINVAL, the process should\nbe stop to avoid out-of-bounds read, so directly return -EINVAL."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T20:21:11.000Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/5594971e02764aa1c8210ffb838cb4e7897716e8"
},
{
"url": "https://git.kernel.org/stable/c/8112fa72b7f139052843ff484130d6f97e9f052f"
},
{
"url": "https://git.kernel.org/stable/c/ea906e9ac61e3152bef63597f2d9f4a812fc346a"
},
{
"url": "https://git.kernel.org/stable/c/011552f29f20842c9a7a21bffe1f6a2d6457ba46"
},
{
"url": "https://git.kernel.org/stable/c/5b0a3dc3e87821acb80e841b464d335aff242691"
},
{
"url": "https://git.kernel.org/stable/c/0964c84b93db7fbf74f357c1e20957850e092db3"
},
{
"url": "https://git.kernel.org/stable/c/8b2faf1a4f3b6c748c0da36cda865a226534d520"
}
],
"title": "drm/amdgpu: add error handle to avoid out-of-bounds",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-39471",
"datePublished": "2024-06-25T14:28:56.906Z",
"dateReserved": "2024-06-25T14:23:23.745Z",
"dateUpdated": "2026-05-11T20:21:11.000Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-39475 (GCVE-0-2024-39475)
Vulnerability from cvelistv5 – Published: 2024-07-05 06:55 – Updated: 2026-05-23 15:50
VLAI
EPSS
Title
fbdev: savage: Handle err return when savagefb_check_var failed
Summary
In the Linux kernel, the following vulnerability has been resolved:
fbdev: savage: Handle err return when savagefb_check_var failed
The commit 04e5eac8f3ab("fbdev: savage: Error out if pixclock equals zero")
checks the value of pixclock to avoid divide-by-zero error. However
the function savagefb_probe doesn't handle the error return of
savagefb_check_var. When pixclock is 0, it will cause divide-by-zero error.
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
8 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
224453de8505aede1890f007be973925a3edf6a1 , < be754cbd77eaf2932408a4e18532e4945274a5c7
(git)
Affected: 84dce0f6a4cc5b7bfd7242ef9290db8ac1dd77ff , < 86435f39c18967cdd937d7a49ba539cdea7fb547 (git) Affected: 512ee6d6041e007ef5bf200c6e388e172a2c5b24 , < 32f92b0078ebf79dbe4827288e0acb50d89d3d5b (git) Affected: 8c54acf33e5adaad6374bf3ec1e3aff0591cc8e1 , < 4b2c67e30b4e1d2ae19dba8b8e8f3b5fd3cf8089 (git) Affected: 070398d32c5f3ab0e890374904ad94551c76aec4 , < edaa57480b876e8203b51df7c3d14a51ea6b09e3 (git) Affected: bc3c2e58d73b28b9a8789fca84778ee165a72d13 , < b8385ff814ca4cb7e63789841e6ec2a14c73e1e8 (git) Affected: 04e5eac8f3ab2ff52fa191c187a46d4fdbc1e288 , < 5f446859bfa46df0ffb34149499f48a2c2d8cd95 (git) Affected: 04e5eac8f3ab2ff52fa191c187a46d4fdbc1e288 , < 6ad959b6703e2c4c5d7af03b4cfd5ff608036339 (git) Affected: a9ca4e80d23474f90841251f4ac0d941fa337a01 (git) Affected: 4.19.308 , < 4.19.316 (semver) Affected: 5.4.270 , < 5.4.278 (semver) Affected: 5.10.211 , < 5.10.219 (semver) Affected: 5.15.150 , < 5.15.161 (semver) Affected: 6.1.80 , < 6.1.94 (semver) Affected: 6.6.19 , < 6.6.34 (semver) Affected: 6.7.7 , < 6.8 (semver) |
|
| Linux | Linux |
Affected:
6.8
Unaffected: 0 , < 6.8 (semver) Unaffected: 4.19.316 , ≤ 4.19.* (semver) Unaffected: 5.4.278 , ≤ 5.4.* (semver) Unaffected: 5.10.219 , ≤ 5.10.* (semver) Unaffected: 5.15.161 , ≤ 5.15.* (semver) Unaffected: 6.1.94 , ≤ 6.1.* (semver) Unaffected: 6.6.34 , ≤ 6.6.* (semver) Unaffected: 6.9.5 , ≤ 6.9.* (semver) Unaffected: 6.10 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:26:15.953Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/be754cbd77eaf2932408a4e18532e4945274a5c7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/86435f39c18967cdd937d7a49ba539cdea7fb547"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/32f92b0078ebf79dbe4827288e0acb50d89d3d5b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4b2c67e30b4e1d2ae19dba8b8e8f3b5fd3cf8089"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/edaa57480b876e8203b51df7c3d14a51ea6b09e3"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b8385ff814ca4cb7e63789841e6ec2a14c73e1e8"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5f446859bfa46df0ffb34149499f48a2c2d8cd95"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6ad959b6703e2c4c5d7af03b4cfd5ff608036339"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39475",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:07:41.967965Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:41.294Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/video/fbdev/savage/savagefb_driver.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "be754cbd77eaf2932408a4e18532e4945274a5c7",
"status": "affected",
"version": "224453de8505aede1890f007be973925a3edf6a1",
"versionType": "git"
},
{
"lessThan": "86435f39c18967cdd937d7a49ba539cdea7fb547",
"status": "affected",
"version": "84dce0f6a4cc5b7bfd7242ef9290db8ac1dd77ff",
"versionType": "git"
},
{
"lessThan": "32f92b0078ebf79dbe4827288e0acb50d89d3d5b",
"status": "affected",
"version": "512ee6d6041e007ef5bf200c6e388e172a2c5b24",
"versionType": "git"
},
{
"lessThan": "4b2c67e30b4e1d2ae19dba8b8e8f3b5fd3cf8089",
"status": "affected",
"version": "8c54acf33e5adaad6374bf3ec1e3aff0591cc8e1",
"versionType": "git"
},
{
"lessThan": "edaa57480b876e8203b51df7c3d14a51ea6b09e3",
"status": "affected",
"version": "070398d32c5f3ab0e890374904ad94551c76aec4",
"versionType": "git"
},
{
"lessThan": "b8385ff814ca4cb7e63789841e6ec2a14c73e1e8",
"status": "affected",
"version": "bc3c2e58d73b28b9a8789fca84778ee165a72d13",
"versionType": "git"
},
{
"lessThan": "5f446859bfa46df0ffb34149499f48a2c2d8cd95",
"status": "affected",
"version": "04e5eac8f3ab2ff52fa191c187a46d4fdbc1e288",
"versionType": "git"
},
{
"lessThan": "6ad959b6703e2c4c5d7af03b4cfd5ff608036339",
"status": "affected",
"version": "04e5eac8f3ab2ff52fa191c187a46d4fdbc1e288",
"versionType": "git"
},
{
"status": "affected",
"version": "a9ca4e80d23474f90841251f4ac0d941fa337a01",
"versionType": "git"
},
{
"lessThan": "4.19.316",
"status": "affected",
"version": "4.19.308",
"versionType": "semver"
},
{
"lessThan": "5.4.278",
"status": "affected",
"version": "5.4.270",
"versionType": "semver"
},
{
"lessThan": "5.10.219",
"status": "affected",
"version": "5.10.211",
"versionType": "semver"
},
{
"lessThan": "5.15.161",
"status": "affected",
"version": "5.15.150",
"versionType": "semver"
},
{
"lessThan": "6.1.94",
"status": "affected",
"version": "6.1.80",
"versionType": "semver"
},
{
"lessThan": "6.6.34",
"status": "affected",
"version": "6.6.19",
"versionType": "semver"
},
{
"lessThan": "6.8",
"status": "affected",
"version": "6.7.7",
"versionType": "semver"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/video/fbdev/savage/savagefb_driver.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.8"
},
{
"lessThan": "6.8",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.316",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.278",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.219",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.94",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.34",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.5",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.19.316",
"versionStartIncluding": "4.19.308",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.278",
"versionStartIncluding": "5.4.270",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.219",
"versionStartIncluding": "5.10.211",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.161",
"versionStartIncluding": "5.15.150",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.94",
"versionStartIncluding": "6.1.80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.34",
"versionStartIncluding": "6.6.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9.5",
"versionStartIncluding": "6.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.10",
"versionStartIncluding": "6.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: savage: Handle err return when savagefb_check_var failed\n\nThe commit 04e5eac8f3ab(\"fbdev: savage: Error out if pixclock equals zero\")\nchecks the value of pixclock to avoid divide-by-zero error. However\nthe function savagefb_probe doesn\u0027t handle the error return of\nsavagefb_check_var. When pixclock is 0, it will cause divide-by-zero error."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-23T15:50:11.189Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/be754cbd77eaf2932408a4e18532e4945274a5c7"
},
{
"url": "https://git.kernel.org/stable/c/86435f39c18967cdd937d7a49ba539cdea7fb547"
},
{
"url": "https://git.kernel.org/stable/c/32f92b0078ebf79dbe4827288e0acb50d89d3d5b"
},
{
"url": "https://git.kernel.org/stable/c/4b2c67e30b4e1d2ae19dba8b8e8f3b5fd3cf8089"
},
{
"url": "https://git.kernel.org/stable/c/edaa57480b876e8203b51df7c3d14a51ea6b09e3"
},
{
"url": "https://git.kernel.org/stable/c/b8385ff814ca4cb7e63789841e6ec2a14c73e1e8"
},
{
"url": "https://git.kernel.org/stable/c/5f446859bfa46df0ffb34149499f48a2c2d8cd95"
},
{
"url": "https://git.kernel.org/stable/c/6ad959b6703e2c4c5d7af03b4cfd5ff608036339"
}
],
"title": "fbdev: savage: Handle err return when savagefb_check_var failed",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-39475",
"datePublished": "2024-07-05T06:55:05.886Z",
"dateReserved": "2024-06-25T14:23:23.745Z",
"dateUpdated": "2026-05-23T15:50:11.189Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-39480 (GCVE-0-2024-39480)
Vulnerability from cvelistv5 – Published: 2024-07-05 06:55 – Updated: 2026-05-11 20:21
VLAI
EPSS
Title
kdb: Fix buffer overflow during tab-complete
Summary
In the Linux kernel, the following vulnerability has been resolved:
kdb: Fix buffer overflow during tab-complete
Currently, when the user attempts symbol completion with the Tab key, kdb
will use strncpy() to insert the completed symbol into the command buffer.
Unfortunately it passes the size of the source buffer rather than the
destination to strncpy() with predictably horrible results. Most obviously
if the command buffer is already full but cp, the cursor position, is in
the middle of the buffer, then we will write past the end of the supplied
buffer.
Fix this by replacing the dubious strncpy() calls with memmove()/memcpy()
calls plus explicit boundary checks to make sure we have enough space
before we start moving characters around.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
8 references
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
5d5314d6795f3c1c0f415348ff8c51f7de042b77 , < fb824a99e148ff272a53d71d84122728b5f00992
(git)
Affected: 5d5314d6795f3c1c0f415348ff8c51f7de042b77 , < ddd2972d8e2dee3b33e8121669d55def59f0be8a (git) Affected: 5d5314d6795f3c1c0f415348ff8c51f7de042b77 , < cfdc2fa4db57503bc6d3817240547c8ddc55fa96 (git) Affected: 5d5314d6795f3c1c0f415348ff8c51f7de042b77 , < f636a40834d22e5e3fc748f060211879c056cd33 (git) Affected: 5d5314d6795f3c1c0f415348ff8c51f7de042b77 , < 33d9c814652b971461d1e30bead6792851c209e7 (git) Affected: 5d5314d6795f3c1c0f415348ff8c51f7de042b77 , < 107e825cc448b7834b31e8b1b3cf0f57426d46d5 (git) Affected: 5d5314d6795f3c1c0f415348ff8c51f7de042b77 , < f694da720dcf795dc3eb97bf76d220213f76aaa7 (git) Affected: 5d5314d6795f3c1c0f415348ff8c51f7de042b77 , < e9730744bf3af04cda23799029342aa3cddbc454 (git) |
|
| Linux | Linux |
Affected:
2.6.35
Unaffected: 0 , < 2.6.35 (semver) Unaffected: 4.19.316 , ≤ 4.19.* (semver) Unaffected: 5.4.278 , ≤ 5.4.* (semver) Unaffected: 5.10.219 , ≤ 5.10.* (semver) Unaffected: 5.15.161 , ≤ 5.15.* (semver) Unaffected: 6.1.94 , ≤ 6.1.* (semver) Unaffected: 6.6.34 , ≤ 6.6.* (semver) Unaffected: 6.9.5 , ≤ 6.9.* (semver) Unaffected: 6.10 , ≤ * (original_commit_for_fix) |
|
| linux | linux_kernel |
Affected:
1da177e4c3f4 , < fb824a99e148
(git)
Affected: 1da177e4c3f4 , < ddd2972d8e2d (git) Affected: 1da177e4c3f4 , < cfdc2fa4db57 (git) Affected: 1da177e4c3f4 , < f636a40834d2 (git) Affected: 1da177e4c3f4 , < 33d9c814652b (git) Affected: 1da177e4c3f4 , < 107e825cc448 (git) Affected: 1da177e4c3f4 , < f694da720dcf (git) Affected: 1da177e4c3f4 , < e9730744bf3a (git) Unaffected: 4.19.316 , ≤ 4.20 (git) Unaffected: 5.4.278 , ≤ 5.5 (git) Unaffected: 5.10.219 , ≤ 5.11 (git) Unaffected: 5.15.161 , ≤ 5.16 (git) Unaffected: 6.1.94 , ≤ 6.2 (git) Unaffected: 6.6.34 , ≤ 6.7 (git) Unaffected: 6.9.5 , ≤ 6.10 (git) Unaffected: 6.10 , ≤ * (git) cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:26:15.655Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/fb824a99e148ff272a53d71d84122728b5f00992"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ddd2972d8e2dee3b33e8121669d55def59f0be8a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/cfdc2fa4db57503bc6d3817240547c8ddc55fa96"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f636a40834d22e5e3fc748f060211879c056cd33"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/33d9c814652b971461d1e30bead6792851c209e7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/107e825cc448b7834b31e8b1b3cf0f57426d46d5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f694da720dcf795dc3eb97bf76d220213f76aaa7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e9730744bf3af04cda23799029342aa3cddbc454"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "fb824a99e148",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "ddd2972d8e2d",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "cfdc2fa4db57",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "f636a40834d2",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "33d9c814652b",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "107e825cc448",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "f694da720dcf",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "e9730744bf3a",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThanOrEqual": "4.20",
"status": "unaffected",
"version": "4.19.316",
"versionType": "git"
},
{
"lessThanOrEqual": "5.5",
"status": "unaffected",
"version": "5.4.278",
"versionType": "git"
},
{
"lessThanOrEqual": "5.11",
"status": "unaffected",
"version": "5.10.219",
"versionType": "git"
},
{
"lessThanOrEqual": "5.16",
"status": "unaffected",
"version": "5.15.161",
"versionType": "git"
},
{
"lessThanOrEqual": "6.2",
"status": "unaffected",
"version": "6.1.94",
"versionType": "git"
},
{
"lessThanOrEqual": "6.7",
"status": "unaffected",
"version": "6.6.34",
"versionType": "git"
},
{
"lessThanOrEqual": "6.10",
"status": "unaffected",
"version": "6.9.5",
"versionType": "git"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "git"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-39480",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-20T03:55:14.759316Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-27T14:14:17.550Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"kernel/debug/kdb/kdb_io.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "fb824a99e148ff272a53d71d84122728b5f00992",
"status": "affected",
"version": "5d5314d6795f3c1c0f415348ff8c51f7de042b77",
"versionType": "git"
},
{
"lessThan": "ddd2972d8e2dee3b33e8121669d55def59f0be8a",
"status": "affected",
"version": "5d5314d6795f3c1c0f415348ff8c51f7de042b77",
"versionType": "git"
},
{
"lessThan": "cfdc2fa4db57503bc6d3817240547c8ddc55fa96",
"status": "affected",
"version": "5d5314d6795f3c1c0f415348ff8c51f7de042b77",
"versionType": "git"
},
{
"lessThan": "f636a40834d22e5e3fc748f060211879c056cd33",
"status": "affected",
"version": "5d5314d6795f3c1c0f415348ff8c51f7de042b77",
"versionType": "git"
},
{
"lessThan": "33d9c814652b971461d1e30bead6792851c209e7",
"status": "affected",
"version": "5d5314d6795f3c1c0f415348ff8c51f7de042b77",
"versionType": "git"
},
{
"lessThan": "107e825cc448b7834b31e8b1b3cf0f57426d46d5",
"status": "affected",
"version": "5d5314d6795f3c1c0f415348ff8c51f7de042b77",
"versionType": "git"
},
{
"lessThan": "f694da720dcf795dc3eb97bf76d220213f76aaa7",
"status": "affected",
"version": "5d5314d6795f3c1c0f415348ff8c51f7de042b77",
"versionType": "git"
},
{
"lessThan": "e9730744bf3af04cda23799029342aa3cddbc454",
"status": "affected",
"version": "5d5314d6795f3c1c0f415348ff8c51f7de042b77",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"kernel/debug/kdb/kdb_io.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "2.6.35"
},
{
"lessThan": "2.6.35",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.316",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.278",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.219",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.94",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.34",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.5",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.19.316",
"versionStartIncluding": "2.6.35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.278",
"versionStartIncluding": "2.6.35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.219",
"versionStartIncluding": "2.6.35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.161",
"versionStartIncluding": "2.6.35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.94",
"versionStartIncluding": "2.6.35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.34",
"versionStartIncluding": "2.6.35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9.5",
"versionStartIncluding": "2.6.35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.10",
"versionStartIncluding": "2.6.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nkdb: Fix buffer overflow during tab-complete\n\nCurrently, when the user attempts symbol completion with the Tab key, kdb\nwill use strncpy() to insert the completed symbol into the command buffer.\nUnfortunately it passes the size of the source buffer rather than the\ndestination to strncpy() with predictably horrible results. Most obviously\nif the command buffer is already full but cp, the cursor position, is in\nthe middle of the buffer, then we will write past the end of the supplied\nbuffer.\n\nFix this by replacing the dubious strncpy() calls with memmove()/memcpy()\ncalls plus explicit boundary checks to make sure we have enough space\nbefore we start moving characters around."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T20:21:22.156Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/fb824a99e148ff272a53d71d84122728b5f00992"
},
{
"url": "https://git.kernel.org/stable/c/ddd2972d8e2dee3b33e8121669d55def59f0be8a"
},
{
"url": "https://git.kernel.org/stable/c/cfdc2fa4db57503bc6d3817240547c8ddc55fa96"
},
{
"url": "https://git.kernel.org/stable/c/f636a40834d22e5e3fc748f060211879c056cd33"
},
{
"url": "https://git.kernel.org/stable/c/33d9c814652b971461d1e30bead6792851c209e7"
},
{
"url": "https://git.kernel.org/stable/c/107e825cc448b7834b31e8b1b3cf0f57426d46d5"
},
{
"url": "https://git.kernel.org/stable/c/f694da720dcf795dc3eb97bf76d220213f76aaa7"
},
{
"url": "https://git.kernel.org/stable/c/e9730744bf3af04cda23799029342aa3cddbc454"
}
],
"title": "kdb: Fix buffer overflow during tab-complete",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-39480",
"datePublished": "2024-07-05T06:55:09.241Z",
"dateReserved": "2024-06-25T14:23:23.746Z",
"dateUpdated": "2026-05-11T20:21:22.156Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-39484 (GCVE-0-2024-39484)
Vulnerability from cvelistv5 – Published: 2024-07-05 06:55 – Updated: 2026-05-11 20:21
VLAI
EPSS
Title
mmc: davinci: Don't strip remove function when driver is builtin
Summary
In the Linux kernel, the following vulnerability has been resolved:
mmc: davinci: Don't strip remove function when driver is builtin
Using __exit for the remove function results in the remove callback being
discarded with CONFIG_MMC_DAVINCI=y. When such a device gets unbound (e.g.
using sysfs or hotplug), the driver is just removed without the cleanup
being performed. This results in resource leaks. Fix it by compiling in the
remove callback unconditionally.
This also fixes a W=1 modpost warning:
WARNING: modpost: drivers/mmc/host/davinci_mmc: section mismatch in
reference: davinci_mmcsd_driver+0x10 (section: .data) ->
davinci_mmcsd_remove (section: .exit.text)
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
7 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
b4cff4549b7a8c5fc8b88e3493b6287555f0512c , < 6ff7cfa02baabec907f6f29ea76634e6256d2ec4
(git)
Affected: b4cff4549b7a8c5fc8b88e3493b6287555f0512c , < aea35157bb9b825faa0432bd0f7fbea37ff39aa1 (git) Affected: b4cff4549b7a8c5fc8b88e3493b6287555f0512c , < 5ee241f72edc6dce5051a5f100eab6cc019d873e (git) Affected: b4cff4549b7a8c5fc8b88e3493b6287555f0512c , < 7590da4c04dd4aa9c262da0231e978263861c6eb (git) Affected: b4cff4549b7a8c5fc8b88e3493b6287555f0512c , < 1d5ed0efe51d36b9ae9b64f133bf41cdbf56f584 (git) Affected: b4cff4549b7a8c5fc8b88e3493b6287555f0512c , < 55c421b364482b61c4c45313a535e61ed5ae4ea3 (git) |
|
| Linux | Linux |
Affected:
2.6.33
Unaffected: 0 , < 2.6.33 (semver) Unaffected: 5.10.221 , ≤ 5.10.* (semver) Unaffected: 5.15.162 , ≤ 5.15.* (semver) Unaffected: 6.1.95 , ≤ 6.1.* (semver) Unaffected: 6.6.34 , ≤ 6.6.* (semver) Unaffected: 6.9.5 , ≤ 6.9.* (semver) Unaffected: 6.10 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39484",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-08T15:13:35.601101Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-08T15:13:44.037Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T21:56:08.194Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6ff7cfa02baabec907f6f29ea76634e6256d2ec4"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/aea35157bb9b825faa0432bd0f7fbea37ff39aa1"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5ee241f72edc6dce5051a5f100eab6cc019d873e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7590da4c04dd4aa9c262da0231e978263861c6eb"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1d5ed0efe51d36b9ae9b64f133bf41cdbf56f584"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/55c421b364482b61c4c45313a535e61ed5ae4ea3"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/mmc/host/davinci_mmc.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "6ff7cfa02baabec907f6f29ea76634e6256d2ec4",
"status": "affected",
"version": "b4cff4549b7a8c5fc8b88e3493b6287555f0512c",
"versionType": "git"
},
{
"lessThan": "aea35157bb9b825faa0432bd0f7fbea37ff39aa1",
"status": "affected",
"version": "b4cff4549b7a8c5fc8b88e3493b6287555f0512c",
"versionType": "git"
},
{
"lessThan": "5ee241f72edc6dce5051a5f100eab6cc019d873e",
"status": "affected",
"version": "b4cff4549b7a8c5fc8b88e3493b6287555f0512c",
"versionType": "git"
},
{
"lessThan": "7590da4c04dd4aa9c262da0231e978263861c6eb",
"status": "affected",
"version": "b4cff4549b7a8c5fc8b88e3493b6287555f0512c",
"versionType": "git"
},
{
"lessThan": "1d5ed0efe51d36b9ae9b64f133bf41cdbf56f584",
"status": "affected",
"version": "b4cff4549b7a8c5fc8b88e3493b6287555f0512c",
"versionType": "git"
},
{
"lessThan": "55c421b364482b61c4c45313a535e61ed5ae4ea3",
"status": "affected",
"version": "b4cff4549b7a8c5fc8b88e3493b6287555f0512c",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/mmc/host/davinci_mmc.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "2.6.33"
},
{
"lessThan": "2.6.33",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.221",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.162",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.95",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.34",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.5",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.221",
"versionStartIncluding": "2.6.33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.162",
"versionStartIncluding": "2.6.33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.95",
"versionStartIncluding": "2.6.33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.34",
"versionStartIncluding": "2.6.33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9.5",
"versionStartIncluding": "2.6.33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.10",
"versionStartIncluding": "2.6.33",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmmc: davinci: Don\u0027t strip remove function when driver is builtin\n\nUsing __exit for the remove function results in the remove callback being\ndiscarded with CONFIG_MMC_DAVINCI=y. When such a device gets unbound (e.g.\nusing sysfs or hotplug), the driver is just removed without the cleanup\nbeing performed. This results in resource leaks. Fix it by compiling in the\nremove callback unconditionally.\n\nThis also fixes a W=1 modpost warning:\n\nWARNING: modpost: drivers/mmc/host/davinci_mmc: section mismatch in\nreference: davinci_mmcsd_driver+0x10 (section: .data) -\u003e\ndavinci_mmcsd_remove (section: .exit.text)"
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T20:21:26.849Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/6ff7cfa02baabec907f6f29ea76634e6256d2ec4"
},
{
"url": "https://git.kernel.org/stable/c/aea35157bb9b825faa0432bd0f7fbea37ff39aa1"
},
{
"url": "https://git.kernel.org/stable/c/5ee241f72edc6dce5051a5f100eab6cc019d873e"
},
{
"url": "https://git.kernel.org/stable/c/7590da4c04dd4aa9c262da0231e978263861c6eb"
},
{
"url": "https://git.kernel.org/stable/c/1d5ed0efe51d36b9ae9b64f133bf41cdbf56f584"
},
{
"url": "https://git.kernel.org/stable/c/55c421b364482b61c4c45313a535e61ed5ae4ea3"
}
],
"title": "mmc: davinci: Don\u0027t strip remove function when driver is builtin",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-39484",
"datePublished": "2024-07-05T06:55:11.970Z",
"dateReserved": "2024-06-25T14:23:23.747Z",
"dateUpdated": "2026-05-11T20:21:26.849Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-39488 (GCVE-0-2024-39488)
Vulnerability from cvelistv5 – Published: 2024-07-10 07:14 – Updated: 2026-05-11 20:21
VLAI
EPSS
Title
arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY
Summary
In the Linux kernel, the following vulnerability has been resolved:
arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY
When CONFIG_DEBUG_BUGVERBOSE=n, we fail to add necessary padding bytes
to bug_table entries, and as a result the last entry in a bug table will
be ignored, potentially leading to an unexpected panic(). All prior
entries in the table will be handled correctly.
The arm64 ABI requires that struct fields of up to 8 bytes are
naturally-aligned, with padding added within a struct such that struct
are suitably aligned within arrays.
When CONFIG_DEBUG_BUGVERPOSE=y, the layout of a bug_entry is:
struct bug_entry {
signed int bug_addr_disp; // 4 bytes
signed int file_disp; // 4 bytes
unsigned short line; // 2 bytes
unsigned short flags; // 2 bytes
}
... with 12 bytes total, requiring 4-byte alignment.
When CONFIG_DEBUG_BUGVERBOSE=n, the layout of a bug_entry is:
struct bug_entry {
signed int bug_addr_disp; // 4 bytes
unsigned short flags; // 2 bytes
< implicit padding > // 2 bytes
}
... with 8 bytes total, with 6 bytes of data and 2 bytes of trailing
padding, requiring 4-byte alginment.
When we create a bug_entry in assembly, we align the start of the entry
to 4 bytes, which implicitly handles padding for any prior entries.
However, we do not align the end of the entry, and so when
CONFIG_DEBUG_BUGVERBOSE=n, the final entry lacks the trailing padding
bytes.
For the main kernel image this is not a problem as find_bug() doesn't
depend on the trailing padding bytes when searching for entries:
for (bug = __start___bug_table; bug < __stop___bug_table; ++bug)
if (bugaddr == bug_addr(bug))
return bug;
However for modules, module_bug_finalize() depends on the trailing
bytes when calculating the number of entries:
mod->num_bugs = sechdrs[i].sh_size / sizeof(struct bug_entry);
... and as the last bug_entry lacks the necessary padding bytes, this entry
will not be counted, e.g. in the case of a single entry:
sechdrs[i].sh_size == 6
sizeof(struct bug_entry) == 8;
sechdrs[i].sh_size / sizeof(struct bug_entry) == 0;
Consequently module_find_bug() will miss the last bug_entry when it does:
for (i = 0; i < mod->num_bugs; ++i, ++bug)
if (bugaddr == bug_addr(bug))
goto out;
... which can lead to a kenrel panic due to an unhandled bug.
This can be demonstrated with the following module:
static int __init buginit(void)
{
WARN(1, "hello\n");
return 0;
}
static void __exit bugexit(void)
{
}
module_init(buginit);
module_exit(bugexit);
MODULE_LICENSE("GPL");
... which will trigger a kernel panic when loaded:
------------[ cut here ]------------
hello
Unexpected kernel BRK exception at EL1
Internal error: BRK handler: 00000000f2000800 [#1] PREEMPT SMP
Modules linked in: hello(O+)
CPU: 0 PID: 50 Comm: insmod Tainted: G O 6.9.1 #8
Hardware name: linux,dummy-virt (DT)
pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : buginit+0x18/0x1000 [hello]
lr : buginit+0x18/0x1000 [hello]
sp : ffff800080533ae0
x29: ffff800080533ae0 x28: 0000000000000000 x27: 0000000000000000
x26: ffffaba8c4e70510 x25: ffff800080533c30 x24: ffffaba8c4a28a58
x23: 0000000000000000 x22: 0000000000000000 x21: ffff3947c0eab3c0
x20: ffffaba8c4e3f000 x19: ffffaba846464000 x18: 0000000000000006
x17: 0000000000000000 x16: ffffaba8c2492834 x15: 0720072007200720
x14: 0720072007200720 x13: ffffaba8c49b27c8 x12: 0000000000000312
x11: 0000000000000106 x10: ffffaba8c4a0a7c8 x9 : ffffaba8c49b27c8
x8 : 00000000ffffefff x7 : ffffaba8c4a0a7c8 x6 : 80000000fffff000
x5 : 0000000000000107 x4 : 0000000000000000 x3 : 0000000000000000
x2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff3947c0eab3c0
Call trace:
buginit+0x18/0x1000 [hello]
do_one_initcall+0x80/0x1c8
do_init_module+0x60/0x218
load_module+0x1ba4/0x1d70
__do_sys_init_module+0x198/0x1d0
__arm64_sys_init_module+0x1c/0x28
invoke_syscall+0x48/0x114
el0_svc
---truncated---
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
8 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
9fb7410f955f7a62c1f882ca8f9ffd4525907e28 , < f221bd58db0f6ca087ac0392284f6bce21f4f8ea
(git)
Affected: 9fb7410f955f7a62c1f882ca8f9ffd4525907e28 , < 22469a0335a1a1a690349b58bcb55822457df81e (git) Affected: 9fb7410f955f7a62c1f882ca8f9ffd4525907e28 , < 461a760d578b2b2c2faac3040b6b7c77baf128f8 (git) Affected: 9fb7410f955f7a62c1f882ca8f9ffd4525907e28 , < c1929c041a262a4a27265db8dce3619c92aa678c (git) Affected: 9fb7410f955f7a62c1f882ca8f9ffd4525907e28 , < 3fd487ffaa697ddb05af78a75aaaddabe71c52b0 (git) Affected: 9fb7410f955f7a62c1f882ca8f9ffd4525907e28 , < 9f2ad88f9b349554f64e4037ec185c84d7dd9c7d (git) Affected: 9fb7410f955f7a62c1f882ca8f9ffd4525907e28 , < c27a2f7668e215c1ebbccd96fab27a220a93f1f7 (git) Affected: 9fb7410f955f7a62c1f882ca8f9ffd4525907e28 , < ffbf4fb9b5c12ff878a10ea17997147ea4ebea6f (git) |
|
| Linux | Linux |
Affected:
4.3
Unaffected: 0 , < 4.3 (semver) Unaffected: 4.19.316 , ≤ 4.19.* (semver) Unaffected: 5.4.278 , ≤ 5.4.* (semver) Unaffected: 5.10.219 , ≤ 5.10.* (semver) Unaffected: 5.15.161 , ≤ 5.15.* (semver) Unaffected: 6.1.93 , ≤ 6.1.* (semver) Unaffected: 6.6.33 , ≤ 6.6.* (semver) Unaffected: 6.9.4 , ≤ 6.9.* (semver) Unaffected: 6.10 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39488",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-23T18:32:26.259204Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-23T18:33:16.448Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:26:15.905Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f221bd58db0f6ca087ac0392284f6bce21f4f8ea"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/22469a0335a1a1a690349b58bcb55822457df81e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/461a760d578b2b2c2faac3040b6b7c77baf128f8"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c1929c041a262a4a27265db8dce3619c92aa678c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3fd487ffaa697ddb05af78a75aaaddabe71c52b0"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9f2ad88f9b349554f64e4037ec185c84d7dd9c7d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c27a2f7668e215c1ebbccd96fab27a220a93f1f7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ffbf4fb9b5c12ff878a10ea17997147ea4ebea6f"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"arch/arm64/include/asm/asm-bug.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "f221bd58db0f6ca087ac0392284f6bce21f4f8ea",
"status": "affected",
"version": "9fb7410f955f7a62c1f882ca8f9ffd4525907e28",
"versionType": "git"
},
{
"lessThan": "22469a0335a1a1a690349b58bcb55822457df81e",
"status": "affected",
"version": "9fb7410f955f7a62c1f882ca8f9ffd4525907e28",
"versionType": "git"
},
{
"lessThan": "461a760d578b2b2c2faac3040b6b7c77baf128f8",
"status": "affected",
"version": "9fb7410f955f7a62c1f882ca8f9ffd4525907e28",
"versionType": "git"
},
{
"lessThan": "c1929c041a262a4a27265db8dce3619c92aa678c",
"status": "affected",
"version": "9fb7410f955f7a62c1f882ca8f9ffd4525907e28",
"versionType": "git"
},
{
"lessThan": "3fd487ffaa697ddb05af78a75aaaddabe71c52b0",
"status": "affected",
"version": "9fb7410f955f7a62c1f882ca8f9ffd4525907e28",
"versionType": "git"
},
{
"lessThan": "9f2ad88f9b349554f64e4037ec185c84d7dd9c7d",
"status": "affected",
"version": "9fb7410f955f7a62c1f882ca8f9ffd4525907e28",
"versionType": "git"
},
{
"lessThan": "c27a2f7668e215c1ebbccd96fab27a220a93f1f7",
"status": "affected",
"version": "9fb7410f955f7a62c1f882ca8f9ffd4525907e28",
"versionType": "git"
},
{
"lessThan": "ffbf4fb9b5c12ff878a10ea17997147ea4ebea6f",
"status": "affected",
"version": "9fb7410f955f7a62c1f882ca8f9ffd4525907e28",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"arch/arm64/include/asm/asm-bug.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.3"
},
{
"lessThan": "4.3",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.316",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.278",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.219",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.4",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.19.316",
"versionStartIncluding": "4.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.278",
"versionStartIncluding": "4.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.219",
"versionStartIncluding": "4.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.161",
"versionStartIncluding": "4.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.93",
"versionStartIncluding": "4.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.33",
"versionStartIncluding": "4.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9.4",
"versionStartIncluding": "4.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.10",
"versionStartIncluding": "4.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY\n\nWhen CONFIG_DEBUG_BUGVERBOSE=n, we fail to add necessary padding bytes\nto bug_table entries, and as a result the last entry in a bug table will\nbe ignored, potentially leading to an unexpected panic(). All prior\nentries in the table will be handled correctly.\n\nThe arm64 ABI requires that struct fields of up to 8 bytes are\nnaturally-aligned, with padding added within a struct such that struct\nare suitably aligned within arrays.\n\nWhen CONFIG_DEBUG_BUGVERPOSE=y, the layout of a bug_entry is:\n\n\tstruct bug_entry {\n\t\tsigned int bug_addr_disp;\t// 4 bytes\n\t\tsigned int file_disp;\t// 4 bytes\n\t\tunsigned short line;\t\t// 2 bytes\n\t\tunsigned short flags;\t\t// 2 bytes\n\t}\n\n... with 12 bytes total, requiring 4-byte alignment.\n\nWhen CONFIG_DEBUG_BUGVERBOSE=n, the layout of a bug_entry is:\n\n\tstruct bug_entry {\n\t\tsigned int bug_addr_disp;\t// 4 bytes\n\t\tunsigned short flags;\t\t// 2 bytes\n\t\t\u003c implicit padding \u003e\t\t// 2 bytes\n\t}\n\n... with 8 bytes total, with 6 bytes of data and 2 bytes of trailing\npadding, requiring 4-byte alginment.\n\nWhen we create a bug_entry in assembly, we align the start of the entry\nto 4 bytes, which implicitly handles padding for any prior entries.\nHowever, we do not align the end of the entry, and so when\nCONFIG_DEBUG_BUGVERBOSE=n, the final entry lacks the trailing padding\nbytes.\n\nFor the main kernel image this is not a problem as find_bug() doesn\u0027t\ndepend on the trailing padding bytes when searching for entries:\n\n\tfor (bug = __start___bug_table; bug \u003c __stop___bug_table; ++bug)\n\t\tif (bugaddr == bug_addr(bug))\n\t\t\treturn bug;\n\nHowever for modules, module_bug_finalize() depends on the trailing\nbytes when calculating the number of entries:\n\n\tmod-\u003enum_bugs = sechdrs[i].sh_size / sizeof(struct bug_entry);\n\n... and as the last bug_entry lacks the necessary padding bytes, this entry\nwill not be counted, e.g. in the case of a single entry:\n\n\tsechdrs[i].sh_size == 6\n\tsizeof(struct bug_entry) == 8;\n\n\tsechdrs[i].sh_size / sizeof(struct bug_entry) == 0;\n\nConsequently module_find_bug() will miss the last bug_entry when it does:\n\n\tfor (i = 0; i \u003c mod-\u003enum_bugs; ++i, ++bug)\n\t\tif (bugaddr == bug_addr(bug))\n\t\t\tgoto out;\n\n... which can lead to a kenrel panic due to an unhandled bug.\n\nThis can be demonstrated with the following module:\n\n\tstatic int __init buginit(void)\n\t{\n\t\tWARN(1, \"hello\\n\");\n\t\treturn 0;\n\t}\n\n\tstatic void __exit bugexit(void)\n\t{\n\t}\n\n\tmodule_init(buginit);\n\tmodule_exit(bugexit);\n\tMODULE_LICENSE(\"GPL\");\n\n... which will trigger a kernel panic when loaded:\n\n\t------------[ cut here ]------------\n\thello\n\tUnexpected kernel BRK exception at EL1\n\tInternal error: BRK handler: 00000000f2000800 [#1] PREEMPT SMP\n\tModules linked in: hello(O+)\n\tCPU: 0 PID: 50 Comm: insmod Tainted: G O 6.9.1 #8\n\tHardware name: linux,dummy-virt (DT)\n\tpstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n\tpc : buginit+0x18/0x1000 [hello]\n\tlr : buginit+0x18/0x1000 [hello]\n\tsp : ffff800080533ae0\n\tx29: ffff800080533ae0 x28: 0000000000000000 x27: 0000000000000000\n\tx26: ffffaba8c4e70510 x25: ffff800080533c30 x24: ffffaba8c4a28a58\n\tx23: 0000000000000000 x22: 0000000000000000 x21: ffff3947c0eab3c0\n\tx20: ffffaba8c4e3f000 x19: ffffaba846464000 x18: 0000000000000006\n\tx17: 0000000000000000 x16: ffffaba8c2492834 x15: 0720072007200720\n\tx14: 0720072007200720 x13: ffffaba8c49b27c8 x12: 0000000000000312\n\tx11: 0000000000000106 x10: ffffaba8c4a0a7c8 x9 : ffffaba8c49b27c8\n\tx8 : 00000000ffffefff x7 : ffffaba8c4a0a7c8 x6 : 80000000fffff000\n\tx5 : 0000000000000107 x4 : 0000000000000000 x3 : 0000000000000000\n\tx2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff3947c0eab3c0\n\tCall trace:\n\t buginit+0x18/0x1000 [hello]\n\t do_one_initcall+0x80/0x1c8\n\t do_init_module+0x60/0x218\n\t load_module+0x1ba4/0x1d70\n\t __do_sys_init_module+0x198/0x1d0\n\t __arm64_sys_init_module+0x1c/0x28\n\t invoke_syscall+0x48/0x114\n\t el0_svc\n---truncated---"
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T20:21:31.475Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/f221bd58db0f6ca087ac0392284f6bce21f4f8ea"
},
{
"url": "https://git.kernel.org/stable/c/22469a0335a1a1a690349b58bcb55822457df81e"
},
{
"url": "https://git.kernel.org/stable/c/461a760d578b2b2c2faac3040b6b7c77baf128f8"
},
{
"url": "https://git.kernel.org/stable/c/c1929c041a262a4a27265db8dce3619c92aa678c"
},
{
"url": "https://git.kernel.org/stable/c/3fd487ffaa697ddb05af78a75aaaddabe71c52b0"
},
{
"url": "https://git.kernel.org/stable/c/9f2ad88f9b349554f64e4037ec185c84d7dd9c7d"
},
{
"url": "https://git.kernel.org/stable/c/c27a2f7668e215c1ebbccd96fab27a220a93f1f7"
},
{
"url": "https://git.kernel.org/stable/c/ffbf4fb9b5c12ff878a10ea17997147ea4ebea6f"
}
],
"title": "arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-39488",
"datePublished": "2024-07-10T07:14:08.319Z",
"dateReserved": "2024-06-25T14:23:23.747Z",
"dateUpdated": "2026-05-11T20:21:31.475Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-39489 (GCVE-0-2024-39489)
Vulnerability from cvelistv5 – Published: 2024-07-10 07:14 – Updated: 2026-05-12 11:55
VLAI
EPSS
Title
ipv6: sr: fix memleak in seg6_hmac_init_algo
Summary
In the Linux kernel, the following vulnerability has been resolved:
ipv6: sr: fix memleak in seg6_hmac_init_algo
seg6_hmac_init_algo returns without cleaning up the previous allocations
if one fails, so it's going to leak all that memory and the crypto tfms.
Update seg6_hmac_exit to only free the memory when allocated, so we can
reuse the code directly.
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
11 references
Impacted products
9 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
bf355b8d2c30a289232042cacc1cfaea4923936c , < afd5730969aec960a2fee4e5ee839a6014643976
(git)
Affected: bf355b8d2c30a289232042cacc1cfaea4923936c , < 4a3fcf53725b70010d1cf869a2ba549fed6b8fb3 (git) Affected: bf355b8d2c30a289232042cacc1cfaea4923936c , < daf341e0a2318b813427d5a78788c86f4a7f02be (git) Affected: bf355b8d2c30a289232042cacc1cfaea4923936c , < 61d31ac85b4572d11f8071855c0ccb4f32d76c0c (git) Affected: bf355b8d2c30a289232042cacc1cfaea4923936c , < 599a5654215092ac22bfc453f4fd3959c55ea821 (git) Affected: bf355b8d2c30a289232042cacc1cfaea4923936c , < 0e44d6cbe8de983470c3d2f978649783384fdcb6 (git) Affected: bf355b8d2c30a289232042cacc1cfaea4923936c , < f6a99ef4e056c20a138a95cc51332b2b96c8f383 (git) Affected: bf355b8d2c30a289232042cacc1cfaea4923936c , < efb9f4f19f8e37fde43dfecebc80292d179f56c6 (git) |
|
| Linux | Linux |
Affected:
4.10
Unaffected: 0 , < 4.10 (semver) Unaffected: 4.19.316 , ≤ 4.19.* (semver) Unaffected: 5.4.278 , ≤ 5.4.* (semver) Unaffected: 5.10.219 , ≤ 5.10.* (semver) Unaffected: 5.15.161 , ≤ 5.15.* (semver) Unaffected: 6.1.93 , ≤ 6.1.* (semver) Unaffected: 6.6.33 , ≤ 6.6.* (semver) Unaffected: 6.9.4 , ≤ 6.9.* (semver) Unaffected: 6.10 , ≤ * (original_commit_for_fix) |
|
| Siemens | RUGGEDCOM RST2428P |
Affected:
0 , < V3.1
(custom)
|
|
| Siemens | SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family |
Unaffected:
0 , < *
(custom)
|
|
| Siemens | SCALANCE XCM-/XRM-/XCH-/XRH-300 family |
Affected:
0 , < V3.1
(custom)
|
|
| Siemens | SIMATIC S7-1500 TM MFP - GNU/Linux subsystem |
Affected:
0 , < *
(custom)
|
|
| Siemens | SIMATIC S7-1500 CPU 1518-4 PN/DP MFP |
Affected:
V3.1.0 , < V3.1.5
(custom)
|
|
| Siemens | SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP |
Affected:
V3.1.0 , < V3.1.5
(custom)
|
|
| Siemens | SIPLUS S7-1500 CPU 1518-4 PN/DP MFP |
Affected:
V3.1.0 , < V3.1.5
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39489",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-10T15:29:00.880316Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-10T15:29:14.835Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:26:15.940Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/afd5730969aec960a2fee4e5ee839a6014643976"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4a3fcf53725b70010d1cf869a2ba549fed6b8fb3"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/daf341e0a2318b813427d5a78788c86f4a7f02be"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/61d31ac85b4572d11f8071855c0ccb4f32d76c0c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/599a5654215092ac22bfc453f4fd3959c55ea821"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0e44d6cbe8de983470c3d2f978649783384fdcb6"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f6a99ef4e056c20a138a95cc51332b2b96c8f383"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/efb9f4f19f8e37fde43dfecebc80292d179f56c6"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM RST2428P",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XCM-/XRM-/XCH-/XRH-300 family",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 TM MFP - GNU/Linux subsystem",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.1.5",
"status": "affected",
"version": "V3.1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.1.5",
"status": "affected",
"version": "V3.1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.1.5",
"status": "affected",
"version": "V3.1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.1.5",
"status": "affected",
"version": "V3.1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.1.5",
"status": "affected",
"version": "V3.1.0",
"versionType": "custom"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T11:55:32.149Z",
"orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
"shortName": "siemens-SADP"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-398330.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-613116.html"
}
],
"x_adpType": "supplier"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/ipv6/seg6_hmac.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "afd5730969aec960a2fee4e5ee839a6014643976",
"status": "affected",
"version": "bf355b8d2c30a289232042cacc1cfaea4923936c",
"versionType": "git"
},
{
"lessThan": "4a3fcf53725b70010d1cf869a2ba549fed6b8fb3",
"status": "affected",
"version": "bf355b8d2c30a289232042cacc1cfaea4923936c",
"versionType": "git"
},
{
"lessThan": "daf341e0a2318b813427d5a78788c86f4a7f02be",
"status": "affected",
"version": "bf355b8d2c30a289232042cacc1cfaea4923936c",
"versionType": "git"
},
{
"lessThan": "61d31ac85b4572d11f8071855c0ccb4f32d76c0c",
"status": "affected",
"version": "bf355b8d2c30a289232042cacc1cfaea4923936c",
"versionType": "git"
},
{
"lessThan": "599a5654215092ac22bfc453f4fd3959c55ea821",
"status": "affected",
"version": "bf355b8d2c30a289232042cacc1cfaea4923936c",
"versionType": "git"
},
{
"lessThan": "0e44d6cbe8de983470c3d2f978649783384fdcb6",
"status": "affected",
"version": "bf355b8d2c30a289232042cacc1cfaea4923936c",
"versionType": "git"
},
{
"lessThan": "f6a99ef4e056c20a138a95cc51332b2b96c8f383",
"status": "affected",
"version": "bf355b8d2c30a289232042cacc1cfaea4923936c",
"versionType": "git"
},
{
"lessThan": "efb9f4f19f8e37fde43dfecebc80292d179f56c6",
"status": "affected",
"version": "bf355b8d2c30a289232042cacc1cfaea4923936c",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/ipv6/seg6_hmac.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.10"
},
{
"lessThan": "4.10",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.316",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.278",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.219",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.93",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.33",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.4",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.19.316",
"versionStartIncluding": "4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.278",
"versionStartIncluding": "4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.219",
"versionStartIncluding": "4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.161",
"versionStartIncluding": "4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.93",
"versionStartIncluding": "4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.33",
"versionStartIncluding": "4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9.4",
"versionStartIncluding": "4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.10",
"versionStartIncluding": "4.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: sr: fix memleak in seg6_hmac_init_algo\n\nseg6_hmac_init_algo returns without cleaning up the previous allocations\nif one fails, so it\u0027s going to leak all that memory and the crypto tfms.\n\nUpdate seg6_hmac_exit to only free the memory when allocated, so we can\nreuse the code directly."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T20:21:32.786Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/afd5730969aec960a2fee4e5ee839a6014643976"
},
{
"url": "https://git.kernel.org/stable/c/4a3fcf53725b70010d1cf869a2ba549fed6b8fb3"
},
{
"url": "https://git.kernel.org/stable/c/daf341e0a2318b813427d5a78788c86f4a7f02be"
},
{
"url": "https://git.kernel.org/stable/c/61d31ac85b4572d11f8071855c0ccb4f32d76c0c"
},
{
"url": "https://git.kernel.org/stable/c/599a5654215092ac22bfc453f4fd3959c55ea821"
},
{
"url": "https://git.kernel.org/stable/c/0e44d6cbe8de983470c3d2f978649783384fdcb6"
},
{
"url": "https://git.kernel.org/stable/c/f6a99ef4e056c20a138a95cc51332b2b96c8f383"
},
{
"url": "https://git.kernel.org/stable/c/efb9f4f19f8e37fde43dfecebc80292d179f56c6"
}
],
"title": "ipv6: sr: fix memleak in seg6_hmac_init_algo",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-39489",
"datePublished": "2024-07-10T07:14:08.988Z",
"dateReserved": "2024-06-25T14:23:23.747Z",
"dateUpdated": "2026-05-12T11:55:32.149Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-39493 (GCVE-0-2024-39493)
Vulnerability from cvelistv5 – Published: 2024-07-10 07:18 – Updated: 2026-05-23 15:50
VLAI
EPSS
Title
crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak
Summary
In the Linux kernel, the following vulnerability has been resolved:
crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak
Using completion_done to determine whether the caller has gone
away only works after a complete call. Furthermore it's still
possible that the caller has not yet called wait_for_completion,
resulting in another potential UAF.
Fix this by making the caller use cancel_work_sync and then freeing
the memory safely.
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
10 references
Impacted products
6 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
daba62d9eeddcc5b1081be7d348ca836c83c59d7 , < 0ce5964b82f212f4df6a9813f09a0b5de15bd9c8
(git)
Affected: 8e81cd58aee14a470891733181a47d123193ba81 , < 6396b33e98c096bff9c253ed49c008247963492a (git) Affected: d03092550f526a79cf1ade7f0dfa74906f39eb71 , < a718b6d2a329e069b27d9049a71be5931e71d960 (git) Affected: 4ae5a97781ce7d6ecc9c7055396535815b64ca4f , < 3fb4601e0db10d4fe25e46f3fa308d40d37366bd (git) Affected: 226fc408c5fcd23cc4186f05ea3a09a7a9aef2f7 , < e7428e7e3fe94a5089dc12ffe5bc31574d2315ad (git) Affected: 8a5a7611ccc7b1fba8d933a9f22a2e76859d94dc , < c2d443aa1ae3175c13a665f3a24b8acd759ce9c3 (git) Affected: 7d42e097607c4d246d99225bf2b195b6167a210c , < d0fd124972724cce0d48b9865ce3e273ef69e246 (git) Affected: 7d42e097607c4d246d99225bf2b195b6167a210c , < d3b17c6d9dddc2db3670bc9be628b122416a3d26 (git) Affected: 0c2cf5142bfb634c0ef0a1a69cdf37950747d0be (git) Affected: bb279ead42263e9fb09480f02a4247b2c287d828 (git) Affected: 4.19.312 , < 4.19.316 (semver) Affected: 5.4.274 , < 5.4.278 (semver) Affected: 5.10.215 , < 5.10.219 (semver) Affected: 5.15.154 , < 5.15.161 (semver) Affected: 6.1.84 , < 6.1.94 (semver) Affected: 6.6.24 , < 6.6.34 (semver) Affected: 6.7.12 , < 6.8 (semver) Affected: 6.8.3 , < 6.9 (semver) |
|
| Linux | Linux |
Affected:
6.9
Unaffected: 0 , < 6.9 (semver) Unaffected: 4.19.316 , ≤ 4.19.* (semver) Unaffected: 5.4.278 , ≤ 5.4.* (semver) Unaffected: 5.10.219 , ≤ 5.10.* (semver) Unaffected: 5.15.161 , ≤ 5.15.* (semver) Unaffected: 6.1.94 , ≤ 6.1.* (semver) Unaffected: 6.6.34 , ≤ 6.6.* (semver) Unaffected: 6.9.5 , ≤ 6.9.* (semver) Unaffected: 6.10 , ≤ * (original_commit_for_fix) |
|
| Siemens | RUGGEDCOM RST2428P |
Affected:
0 , < V3.1
(custom)
|
|
| Siemens | SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family |
Unaffected:
0 , < *
(custom)
|
|
| Siemens | SCALANCE XCM-/XRM-/XCH-/XRH-300 family |
Affected:
0 , < V3.1
(custom)
|
|
| Siemens | SIMATIC S7-1500 TM MFP - GNU/Linux subsystem |
Affected:
0 , < *
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39493",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-10T13:38:46.024569Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-10T13:39:00.365Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:26:16.000Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0ce5964b82f212f4df6a9813f09a0b5de15bd9c8"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6396b33e98c096bff9c253ed49c008247963492a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a718b6d2a329e069b27d9049a71be5931e71d960"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3fb4601e0db10d4fe25e46f3fa308d40d37366bd"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e7428e7e3fe94a5089dc12ffe5bc31574d2315ad"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c2d443aa1ae3175c13a665f3a24b8acd759ce9c3"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d0fd124972724cce0d48b9865ce3e273ef69e246"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d3b17c6d9dddc2db3670bc9be628b122416a3d26"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM RST2428P",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XCM-/XRM-/XCH-/XRH-300 family",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 TM MFP - GNU/Linux subsystem",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T11:55:33.627Z",
"orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
"shortName": "siemens-SADP"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-613116.html"
}
],
"x_adpType": "supplier"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/crypto/intel/qat/qat_common/adf_aer.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "0ce5964b82f212f4df6a9813f09a0b5de15bd9c8",
"status": "affected",
"version": "daba62d9eeddcc5b1081be7d348ca836c83c59d7",
"versionType": "git"
},
{
"lessThan": "6396b33e98c096bff9c253ed49c008247963492a",
"status": "affected",
"version": "8e81cd58aee14a470891733181a47d123193ba81",
"versionType": "git"
},
{
"lessThan": "a718b6d2a329e069b27d9049a71be5931e71d960",
"status": "affected",
"version": "d03092550f526a79cf1ade7f0dfa74906f39eb71",
"versionType": "git"
},
{
"lessThan": "3fb4601e0db10d4fe25e46f3fa308d40d37366bd",
"status": "affected",
"version": "4ae5a97781ce7d6ecc9c7055396535815b64ca4f",
"versionType": "git"
},
{
"lessThan": "e7428e7e3fe94a5089dc12ffe5bc31574d2315ad",
"status": "affected",
"version": "226fc408c5fcd23cc4186f05ea3a09a7a9aef2f7",
"versionType": "git"
},
{
"lessThan": "c2d443aa1ae3175c13a665f3a24b8acd759ce9c3",
"status": "affected",
"version": "8a5a7611ccc7b1fba8d933a9f22a2e76859d94dc",
"versionType": "git"
},
{
"lessThan": "d0fd124972724cce0d48b9865ce3e273ef69e246",
"status": "affected",
"version": "7d42e097607c4d246d99225bf2b195b6167a210c",
"versionType": "git"
},
{
"lessThan": "d3b17c6d9dddc2db3670bc9be628b122416a3d26",
"status": "affected",
"version": "7d42e097607c4d246d99225bf2b195b6167a210c",
"versionType": "git"
},
{
"status": "affected",
"version": "0c2cf5142bfb634c0ef0a1a69cdf37950747d0be",
"versionType": "git"
},
{
"status": "affected",
"version": "bb279ead42263e9fb09480f02a4247b2c287d828",
"versionType": "git"
},
{
"lessThan": "4.19.316",
"status": "affected",
"version": "4.19.312",
"versionType": "semver"
},
{
"lessThan": "5.4.278",
"status": "affected",
"version": "5.4.274",
"versionType": "semver"
},
{
"lessThan": "5.10.219",
"status": "affected",
"version": "5.10.215",
"versionType": "semver"
},
{
"lessThan": "5.15.161",
"status": "affected",
"version": "5.15.154",
"versionType": "semver"
},
{
"lessThan": "6.1.94",
"status": "affected",
"version": "6.1.84",
"versionType": "semver"
},
{
"lessThan": "6.6.34",
"status": "affected",
"version": "6.6.24",
"versionType": "semver"
},
{
"lessThan": "6.8",
"status": "affected",
"version": "6.7.12",
"versionType": "semver"
},
{
"lessThan": "6.9",
"status": "affected",
"version": "6.8.3",
"versionType": "semver"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/crypto/intel/qat/qat_common/adf_aer.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.9"
},
{
"lessThan": "6.9",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.316",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.278",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.219",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.161",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.94",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.34",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.5",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.19.316",
"versionStartIncluding": "4.19.312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.278",
"versionStartIncluding": "5.4.274",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.219",
"versionStartIncluding": "5.10.215",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.161",
"versionStartIncluding": "5.15.154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.94",
"versionStartIncluding": "6.1.84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.34",
"versionStartIncluding": "6.6.24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9.5",
"versionStartIncluding": "6.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.10",
"versionStartIncluding": "6.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.8.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat - Fix ADF_DEV_RESET_SYNC memory leak\n\nUsing completion_done to determine whether the caller has gone\naway only works after a complete call. Furthermore it\u0027s still\npossible that the caller has not yet called wait_for_completion,\nresulting in another potential UAF.\n\nFix this by making the caller use cancel_work_sync and then freeing\nthe memory safely."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-23T15:50:21.670Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/0ce5964b82f212f4df6a9813f09a0b5de15bd9c8"
},
{
"url": "https://git.kernel.org/stable/c/6396b33e98c096bff9c253ed49c008247963492a"
},
{
"url": "https://git.kernel.org/stable/c/a718b6d2a329e069b27d9049a71be5931e71d960"
},
{
"url": "https://git.kernel.org/stable/c/3fb4601e0db10d4fe25e46f3fa308d40d37366bd"
},
{
"url": "https://git.kernel.org/stable/c/e7428e7e3fe94a5089dc12ffe5bc31574d2315ad"
},
{
"url": "https://git.kernel.org/stable/c/c2d443aa1ae3175c13a665f3a24b8acd759ce9c3"
},
{
"url": "https://git.kernel.org/stable/c/d0fd124972724cce0d48b9865ce3e273ef69e246"
},
{
"url": "https://git.kernel.org/stable/c/d3b17c6d9dddc2db3670bc9be628b122416a3d26"
}
],
"title": "crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-39493",
"datePublished": "2024-07-10T07:18:39.443Z",
"dateReserved": "2024-06-25T14:23:23.748Z",
"dateUpdated": "2026-05-23T15:50:21.670Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…