Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2024-25739HistoryFeb 12, 2024 - 3:15 a.m.
CVE-2024-25739
2024-02-1203:15:32
Debian Security Bug Tracker
security-tracker.debian.org
6
linux
kernel
cve-2024-25739
drivers
mtd
ubi
vtbl
crash
missing check
leb_size
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.9 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
create_empty_lvol in drivers/mtd/ubi/vtbl.c in the Linux kernel through 6.7.4 can attempt to allocate zero bytes, and crash, because of a missing check for ubi->leb_size.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | linux | < 6.1.85-1 | linux_6.1.85-1_all.deb |
| Debian | 11 | all | linux | < 5.10.216-1 | linux_5.10.216-1_all.deb |
| Debian | 999 | all | linux | < 6.7.12-1 | linux_6.7.12-1_all.deb |
| Debian | 13 | all | linux | < 6.7.12-1 | linux_6.7.12-1_all.deb |
Related
cve
cve
CVE-2024-25739
2024-02-12 03:15:32
prion
prion
Design/Logic Flaw
2024-02-12 03:15:00
redhatcve
redhatcve
CVE-2024-25739
2024-02-13 18:10:11
cbl_mariner
cbl_mariner
CVE-2024-25739 affecting package kernel for versions less than 5.15.158.2-1
2024-06-12 22:23:00
cvelist
cvelist
CVE-2024-25739
2024-02-12 00:00:00
nvd
nvd
CVE-2024-25739
2024-02-12 03:15:32
ubuntucve
ubuntucve
CVE-2024-25739
2024-02-12 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-1816)
2024-06-25 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-1837)
2024-06-25 00:00:00
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2024:1332-1)
2024-04-23 00:00:00
nessus
nessus
EulerOS 2.0 SP11 : kernel (EulerOS-SA-2024-1837)
2024-06-25 00:00:00
EulerOS 2.0 SP11 : kernel (EulerOS-SA-2024-1816)
2024-06-25 00:00:00
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:1466-1)
2024-04-30 00:00:00
osv
osv
linux-aws, linux-gcp vulnerabilities
2024-06-07 18:49:30
linux-azure, linux-gke vulnerabilities
2024-06-14 17:24:38
linux-oem-6.8 vulnerabilities
2024-06-10 19:28:08
ubuntu
ubuntu
Linux kernel vulnerabilities
2024-06-07 00:00:00
Linux kernel (OEM) vulnerabilities
2024-06-11 00:00:00
Linux kernel vulnerabilities
2024-06-14 00:00:00
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.9 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Related for DEBIANCVE:CVE-2024-25739