THREATINT

We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Zendesk (Helpdesk and Chat)

Ok

PUBLISHED

CVE-2024-4810

NULL pointer deference in register_device in ppdev in Linux kernel

Reserved:2024-05-13
Published:2024-05-14
Updated:2024-05-14

Description

In register_device, the return value of ida_simple_get is unchecked, in witch ida_simple_get will use an invalid index value. To address this issue, index should be checked after ida_simple_get. When the index value is abnormal, a warning message should be printed, the port should be dropped, and the value should be recorded.



MEDIUM: 5.3CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:N/A:H

Problem types

CWE-476 NULL Pointer Dereference

Product status

Default status
unaffected

v4.11-rc4 before v6.9-rc7
affected

Credits

Huai-Yuan Liu <qq810974084@gmail.com> reporter

白家驹 <baijiaju@buaa.edu.cn> finder

References

https://bugzilla.openanolis.cn/show_bug.cgi?id=9008

cve.org CVE-2024-4810

nvd.nist.gov CVE-2024-4810

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-4810