Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:CVE-2024-36891
HistoryMay 30, 2024 - 4:15 p.m.

CVE-2024-36891

2024-05-3016:15:00
Google
osv.dev
2
linux kernel
maple_tree
null pointer dereference
vulnerability
kernel oops
software

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.5

Confidence

Low

JSON

In the Linux kernel, the following vulnerability has been resolved: maple_tree: fix mas_empty_area_rev() null pointer dereference Currently the code calls mas_start() followed by mas_data_end() if the maple state is MA_START, but mas_start() may return with the maple state node == NULL. This will lead to a null pointer dereference when checking information in the NULL node, which is done in mas_data_end(). Avoid setting the offset if there is no node by waiting until after the maple state is checked for an empty or single entry state. A user could trigger the events to cause a kernel oops by unmapping all vmas to produce an empty maple tree, then mapping a vma that would cause the scenario described above.

Related

ubuntucve 1
cvelist 1
debiancve 1
redhatcve 1
cbl_mariner 1
nvd 1
vulnrichment 1
cve 1
nessus 8
photon 1
ubuntu 4
osv 6
openvas 7
mageia 2
ubuntucve
ubuntucve
CVE-2024-36891
2024-05-30 00:00:00
cvelist
cvelist
CVE-2024-36891 maple_tree: fix mas_empty_area_rev() null pointer dereference
2024-05-30 15:28:57
debiancve
debiancve
CVE-2024-36891
2024-05-30 16:15:12
redhatcve
redhatcve
CVE-2024-36891
2024-06-03 14:03:23
cbl_mariner
cbl_mariner
CVE-2024-36891 affecting package kernel for versions less than 6.6.35.1-4
2024-08-14 20:43:58
nvd
nvd
CVE-2024-36891
2024-05-30 16:15:12
vulnrichment
vulnrichment
CVE-2024-36891 maple_tree: fix mas_empty_area_rev() null pointer dereference
2024-05-30 15:28:57
cve
cve
CVE-2024-36891
2024-05-30 16:15:12
nessus
nessus
Photon OS 5.0: Linux PHSA-2024-5.0-0305
2024-07-24 00:00:00
Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6952-1)
2024-08-09 00:00:00
Ubuntu 24.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6955-1)
2024-08-12 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2024-5.0-0305
2024-06-27 00:00:00
ubuntu
ubuntu
Linux kernel (OEM) vulnerabilities
2024-08-12 00:00:00
Linux kernel vulnerabilities
2024-08-09 00:00:00
Linux kernel vulnerabilities
2024-08-13 00:00:00
osv
osv
linux-azure vulnerabilities
2024-08-13 18:11:04
linux-lowlatency, linux-raspi vulnerabilities
2024-08-13 17:30:34
linux-nvidia-lowlatency, linux-oracle vulnerabilities
2024-08-09 00:06:04
openvas
openvas
Ubuntu: Security Advisory (USN-6949-1)
2024-08-09 00:00:00
Ubuntu: Security Advisory (USN-6949-2)
2024-08-14 00:00:00
Ubuntu: Security Advisory (USN-6952-2)
2024-08-14 00:00:00
mageia
mageia
Updated kernel-linus packages fix security vulnerabilities
2024-07-14 08:23:38
Updated kernel kmod-xtables-addons kmod-virtualbox dwarves packages fix security vulnerabilities
2024-07-13 10:54:44

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.5

Confidence

Low

JSON
Related for OSV:CVE-2024-36891
ubuntucve1cvelist1debiancve1redhatcve1cbl_mariner1nvd1vulnrichment1cve1nessus8photon1ubuntu4osv6openvas7mageia2