CVE-2024-36015
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
ppdev: Add an error check in register_device
In register_device, the return value of ida_simple_get is unchecked, in witch ida_simple_get will use an invalid index value.
To address this issue, index should be checked after ida_simple_get. When the index value is abnormal, a warning message should be printed, the port should be dropped, and the value should be recorded.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 9a69645dde1188723d80745c1bc6ee9af2cbe2a7 < 65cd017d43f4319a56747d38308b0a24cf57299e | affected |
| Linux | Linux | 9a69645dde1188723d80745c1bc6ee9af2cbe2a7 < b8c6b83cc3adff3ddf403c8c7063fe6d08b2b9d9 | affected |
| Linux | Linux | 9a69645dde1188723d80745c1bc6ee9af2cbe2a7 < d32caf51379a4d71db03d3d4d7c22d27cdf7f68b | affected |
| Linux | Linux | 9a69645dde1188723d80745c1bc6ee9af2cbe2a7 < b65d0410b879af0295d22438a4a32012786d152a | affected |
| Linux | Linux | 9a69645dde1188723d80745c1bc6ee9af2cbe2a7 < df9329247dbbf00f6057e002139ab3fa529ad828 | affected |
| Linux | Linux | 9a69645dde1188723d80745c1bc6ee9af2cbe2a7 < ec3468221efec6660ff656e9ebe51ced3520fc57 | affected |
| Linux | Linux | 9a69645dde1188723d80745c1bc6ee9af2cbe2a7 < 5d5b24edad1107a2ffa99058f20f6aeeafeb5d39 | affected |
| Linux | Linux | 9a69645dde1188723d80745c1bc6ee9af2cbe2a7 < fbf740aeb86a4fe82ad158d26d711f2f3be79b3e | affected |
| Linux | Linux | 9c2b46e720d5b083268ca0131f513a90696f3a82 | affected |
| Linux | Linux | 762602796be626cbb6b3a6573e00b9ee7db00c97 | affected |
| Linux | Linux | 4.9.22 < 4.10 | affected |
| Linux | Linux | 4.10.7 < 4.11 | affected |
| Linux | Linux | 4.11 | affected |
| Linux | Linux | 0 < 4.11 | unaffected |
| Linux | Linux | 4.19.316 <= 4.19.* | unaffected |
| Linux | Linux | 5.4.278 <= 5.4.* | unaffected |
| Linux | Linux | 5.10.219 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.161 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.93 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.33 <= 6.6.* | unaffected |
| Linux | Linux | 6.9.4 <= 6.9.* | unaffected |
| Linux | Linux | 6.10 <= * | unaffected |
Weaknesses
ADP Enrichment
CVE Program Container
Additional References
- https://git.kernel.org/stable/c/65cd017d43f4319a56747d38308b0a24cf57299e
- https://git.kernel.org/stable/c/b8c6b83cc3adff3ddf403c8c7063fe6d08b2b9d9
- https://git.kernel.org/stable/c/d32caf51379a4d71db03d3d4d7c22d27cdf7f68b
- https://git.kernel.org/stable/c/b65d0410b879af0295d22438a4a32012786d152a
- https://git.kernel.org/stable/c/df9329247dbbf00f6057e002139ab3fa529ad828
- https://git.kernel.org/stable/c/ec3468221efec6660ff656e9ebe51ced3520fc57
- https://git.kernel.org/stable/c/5d5b24edad1107a2ffa99058f20f6aeeafeb5d39
- https://git.kernel.org/stable/c/fbf740aeb86a4fe82ad158d26d711f2f3be79b3e
- https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/65cd017d43f4319a56747d38308b0a24cf57299e
- https://git.kernel.org/stable/c/b8c6b83cc3adff3ddf403c8c7063fe6d08b2b9d9
- https://git.kernel.org/stable/c/d32caf51379a4d71db03d3d4d7c22d27cdf7f68b
- https://git.kernel.org/stable/c/b65d0410b879af0295d22438a4a32012786d152a
- https://git.kernel.org/stable/c/df9329247dbbf00f6057e002139ab3fa529ad828
- https://git.kernel.org/stable/c/ec3468221efec6660ff656e9ebe51ced3520fc57
- https://git.kernel.org/stable/c/5d5b24edad1107a2ffa99058f20f6aeeafeb5d39
- https://git.kernel.org/stable/c/fbf740aeb86a4fe82ad158d26d711f2f3be79b3e
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.