CVE-2024-25739

MEDIUM

Linux Kernel < 6.7.4 - Denial of Service via Zero-Byte Allocation in UBI Volume Table

Title source: llm

Description

create_empty_lvol in drivers/mtd/ubi/vtbl.c in the Linux kernel through 6.7.4 can attempt to allocate zero bytes, and crash, because of a missing check for ubi->leb_size.

References (7)

Core 7

Core References

Mailing List

https://www.spinics.net/lists/kernel/msg5074816.html

Third Party Advisory

https://groups.google.com/g/syzkaller/c/Xl97YcQA4hg

Patch

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=68a24aba7c593eafa8fd00f2f76407b9b32b47a9

Mailing List mailing-list

https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html

Mailing List mailing-list

https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

Patch

https://web.git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/drivers/mtd/ubi/vtbl.c?h=v6.6.24&id=d1b505c988b7

Vendor Advisory

https://cert-portal.siemens.com/productcert/html/ssa-265688.html

Scores

CVSS v3 5.5

EPSS 0.0025

EPSS Percentile 15.8%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-754

Status published

Products (1)

linux/linux_kernel < 6.7.4

Published Feb 12, 2024

Tracked Since Feb 18, 2026