CVE-2024-42276

In the Linux kernel, the following vulnerability has been resolved: nvme-pci: add missing condition check for existence of mapped data nvme_map_data() is called when request has physical segments, hence the nvme_unmap_data() should have same condition to avoid dereference.

CVSS

No CVSS.

References

Link	Resource
https://git.kernel.org/stable/c/3f8ec1d6b0ebd8268307d52be8301973fa5a01ec
https://git.kernel.org/stable/c/70100fe721840bf6d8e5abd25b8bffe4d2e049b7
https://git.kernel.org/stable/c/77848b379e9f85a08048a2c8b3b4a7e8396f5f83
https://git.kernel.org/stable/c/7cc1f4cd90a00b6191cb8cda2d1302fdce59361c
https://git.kernel.org/stable/c/be23ae63080e0bf9e246ab20207200bca6585eba
https://git.kernel.org/stable/c/c31fad1470389666ac7169fe43aa65bf5b7e2cfd
https://git.kernel.org/stable/c/d135c3352f7c947a922da93c8e763ee6bc208b64

Configurations

No configuration.

History

19 Aug 2024, 12:59

Type	Values Removed	Values Added
Summary		(es) En el kernel de Linux, se resolvió la siguiente vulnerabilidad: nvme-pci: agrega condición faltante para verificar la existencia de datos mapeados. Se llama a nvme_map_data() cuando la solicitud tiene segmentos físicos, por lo tanto, nvme_unmap_data() debe tener la misma condición para evitar la desreferencia.

19 Aug 2024, 05:15

Type	Values Removed	Values Added
References		() https://git.kernel.org/stable/c/3f8ec1d6b0ebd8268307d52be8301973fa5a01ec - () https://git.kernel.org/stable/c/7cc1f4cd90a00b6191cb8cda2d1302fdce59361c - () https://git.kernel.org/stable/c/be23ae63080e0bf9e246ab20207200bca6585eba -

17 Aug 2024, 09:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-08-17 09:15

Updated : 2024-08-19 12:59

NVD link : CVE-2024-42276

Mitre link : CVE-2024-42276

CVE.ORG link : CVE-2024-42276

JSON object : View

Products Affected

No product.

CWE

No CWE.

JSON object

Attach tags to CVE-2024-42276

Attach tags to `CVE-2024-42276`