CVE-2024-47756

Summary

In the Linux kernel, the following vulnerability has been resolved:

PCI: keystone: Fix if-statement expression in ks_pcie_quirk()

This code accidentally uses && where || was intended. It potentially results in a NULL dereference.

Thus, fix the if-statement expression to use the correct condition.

[kwilczynski: commit log]

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxcfb006e185f64edbbdf7869eac352442bc76b8f6 < 9c9afc3e75069fcfb067727973242cfbf00dd7ebaffected
LinuxLinuxebbdbbc580c1695dec283d0ba6448729dc993246 < c289903b7a216df5ea6e1850ddf1b958eea9921daffected
LinuxLinux135843c351c08df72bdd4b4ebea53c8052a76881 < dc5aeba07395c8dfa29bb878c8ce4d5180427221affected
LinuxLinuxaf218c803fe298ddf00abef331aa526b20d7ea61 < 23838bef2adb714ec37b2d6141dccf4a3a70bdefaffected
LinuxLinux576d0fb6f8d4bd4695e70eee173a1b9c7bae9572 < e85ab507882db165c10a858d7f685a0a38f0312eaffected
LinuxLinuxdd47051c76c8acd8cb983f01b4d1265da29cb66a < 72210e52e19a27f615e0b5273d2bf012d0dc318daffected
LinuxLinux86f271f22bbb6391410a07e08d6ca3757fda01fa < 2171c5cb2fbc3e03af7e8116cd58736c09328655affected
LinuxLinux86f271f22bbb6391410a07e08d6ca3757fda01fa < 6188a1c762eb9bbd444f47696eda77a5eae6207aaffected
LinuxLinux5.4.284 < 5.4.285affected
LinuxLinux5.10.226 < 5.10.227affected
LinuxLinux5.15.167 < 5.15.168affected
LinuxLinux6.1.110 < 6.1.113affected
LinuxLinux6.6.51 < 6.6.54affected
LinuxLinux6.10.10 < 6.10.13affected
LinuxLinux6.11affected
LinuxLinux0 < 6.11unaffected
LinuxLinux5.4.285 <= 5.4.*unaffected
LinuxLinux5.10.227 <= 5.10.*unaffected
LinuxLinux5.15.168 <= 5.15.*unaffected
LinuxLinux6.1.113 <= 6.1.*unaffected
LinuxLinux6.6.54 <= 6.6.*unaffected
LinuxLinux6.10.13 <= 6.10.*unaffected
LinuxLinux6.11.2 <= 6.11.*unaffected
LinuxLinux6.12 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References