CVE-2024-45002

Summary

In the Linux kernel, the following vulnerability has been resolved:

rtla/osnoise: Prevent NULL dereference in error handling

If the "tool->data" allocation fails then there is no need to call osnoise_free_top() and, in fact, doing so will lead to a NULL dereference.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux1eceb2fc2ca549a170d7ee7cd1fde2daeda646ac < fc575212c6b75d538e1a0a74f4c7e2ac73bc46acaffected
LinuxLinux1eceb2fc2ca549a170d7ee7cd1fde2daeda646ac < 753f1745146e03abd17eec8eee95faffc96d743daffected
LinuxLinux1eceb2fc2ca549a170d7ee7cd1fde2daeda646ac < abdb9ddaaab476e62805e36cce7b4ef8413ffd01affected
LinuxLinux1eceb2fc2ca549a170d7ee7cd1fde2daeda646ac < 90574d2a675947858b47008df8d07f75ea50d0d0affected
LinuxLinux5.17affected
LinuxLinux0 < 5.17unaffected
LinuxLinux6.1.107 <= 6.1.*unaffected
LinuxLinux6.6.48 <= 6.6.*unaffected
LinuxLinux6.10.7 <= 6.10.*unaffected
LinuxLinux6.11 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References