CVE-2024-27025

Summary

In the Linux kernel, the following vulnerability has been resolved:

nbd: null check for nla_nest_start

nla_nest_start() may fail and return NULL. Insert a check and set errno based on other call sites within the same source code.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux47d902b90a32a42a3d33aef3a02170fc6f70aa23 < 44214d744be32a4769faebba764510888f1eb19eaffected
LinuxLinux47d902b90a32a42a3d33aef3a02170fc6f70aa23 < 4af837db0fd3679fabc7b7758397090b0c06dcedaffected
LinuxLinux47d902b90a32a42a3d33aef3a02170fc6f70aa23 < 98e60b538e66c90b9a856828c71d4e975ebfa797affected
LinuxLinux47d902b90a32a42a3d33aef3a02170fc6f70aa23 < 96436365e5d80d0106ea785a4f80a58e7c9edff8affected
LinuxLinux47d902b90a32a42a3d33aef3a02170fc6f70aa23 < b7f5aed55829f376e4f7e5ea5b80ccdcb023e983affected
LinuxLinux47d902b90a32a42a3d33aef3a02170fc6f70aa23 < e803040b368d046434fbc8a91945c690332c4fcfaffected
LinuxLinux47d902b90a32a42a3d33aef3a02170fc6f70aa23 < ba6a9970ce9e284cbc04099361c58731e308596aaffected
LinuxLinux47d902b90a32a42a3d33aef3a02170fc6f70aa23 < 31edf4bbe0ba27fd03ac7d87eb2ee3d2a231af6daffected
LinuxLinux4.12affected
LinuxLinux0 < 4.12unaffected
LinuxLinux5.4.273 <= 5.4.*unaffected
LinuxLinux5.10.214 <= 5.10.*unaffected
LinuxLinux5.15.153 <= 5.15.*unaffected
LinuxLinux6.1.83 <= 6.1.*unaffected
LinuxLinux6.6.23 <= 6.6.*unaffected
LinuxLinux6.7.11 <= 6.7.*unaffected
LinuxLinux6.8.2 <= 6.8.*unaffected
LinuxLinux6.9 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

Additional References

References