CVE-2024-45002

MEDIUM

Linux Kernel 5.17-6.1.107 6.2-6.6.48 6.7-6.10.7 - NULL Pointer Dereference in rtla/osnoise Error Handling

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: rtla/osnoise: Prevent NULL dereference in error handling If the "tool->data" allocation fails then there is no need to call osnoise_free_top() and, in fact, doing so will lead to a NULL dereference.

References (5)

Core 5

Core References

Mailing List

https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

Patch

https://git.kernel.org/stable/c/fc575212c6b75d538e1a0a74f4c7e2ac73bc46ac

Patch

https://git.kernel.org/stable/c/753f1745146e03abd17eec8eee95faffc96d743d

Patch

https://git.kernel.org/stable/c/abdb9ddaaab476e62805e36cce7b4ef8413ffd01

Patch

https://git.kernel.org/stable/c/90574d2a675947858b47008df8d07f75ea50d0d0

Scores

CVSS v3 5.5

EPSS 0.0022

EPSS Percentile 12.9%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-476

Status published

Products (15)

linux/Kernel 5.17.0 - 6.1.107linux

linux/Kernel 6.2.0 - 6.6.48linux

linux/Kernel 6.7.0 - 6.10.7linux

Linux/Linux < 5.17

Linux/Linux 1eceb2fc2ca549a170d7ee7cd1fde2daeda646ac - 753f1745146e03abd17eec8eee95faffc96d743d

Linux/Linux 1eceb2fc2ca549a170d7ee7cd1fde2daeda646ac - 90574d2a675947858b47008df8d07f75ea50d0d0

Linux/Linux 1eceb2fc2ca549a170d7ee7cd1fde2daeda646ac - abdb9ddaaab476e62805e36cce7b4ef8413ffd01

Linux/Linux 1eceb2fc2ca549a170d7ee7cd1fde2daeda646ac - fc575212c6b75d538e1a0a74f4c7e2ac73bc46ac

Linux/Linux 5.17

Linux/Linux 6.1.107 - 6.1.*

... and 5 more

Published Sep 04, 2024

Tracked Since Feb 18, 2026