CVE-2024-37021NULL Pointer Dereference in Linux

CWE-476NULL Pointer Dereference19 documents6 sources
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 92.06%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
LinuxLinux KernelDebian Linux+1 more
Timeline
PublishedJun 24
Latest updateSep 23

Description

In the Linux kernel, the following vulnerability has been resolved: fpga: manager: add owner module and take its refcount The current implementation of the fpga manager assumes that the low-level module registers a driver for the parent device and uses its owner pointer to take the module's refcount. This approach is problematic since it can lead to a null pointer dereference while attempting to get the manager if the parent device does not have a driver. To address this problem, add a module

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages6 packages

NVDlinux/linux_kernel4.46.1.120+2
Debianlinux/linux_kernel< 6.1.123-1+2
Ubuntulinux/linux_kernel< 6.8.0-44.44
CVEListV5linux/linux654ba4cc0f3ed7c0f08bfb39f66059d8c42943ee304f8032d601d4f9322ca841cd0b573bd1beb158+4
debiandebian/linux< linux 6.1.123-1 (bookworm)

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

9
OSV
linux-hwe-6.82024-09-23
OSV
linux-raspi vulnerabilities2024-09-23
OSV
linux-lowlatency-hwe-6.8 vulnerabilities2024-09-13
OSV
linux-nvidia-6.8 vulnerabilities2024-09-13
OSV
linux-nvidia, linux-nvidia-lowlatency vulnerabilities2024-09-12

📋Vendor Advisories

9
Ubuntu
Linux kernel vulnerabilities2024-09-23
Ubuntu
Linux kernel vulnerabilities2024-09-23
Ubuntu
Linux kernel vulnerabilities2024-09-13
Ubuntu
Linux kernel vulnerabilities2024-09-13
Ubuntu
Linux kernel vulnerabilities2024-09-12