Lucene search

GoogleOSV:CVE-2024-45021

HistorySep 11, 2024 - 4:15 p.m.

CVE-2024-45021

2024-09-1116:15:07

Google

osv.dev

linux kernel

memcg_write_event_control

vulnerability

user-triggerable

oops

nul

mapped

initialized

software

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.9

Confidence

Low

JSON

In the Linux kernel, the following vulnerability has been resolved:

memcg_write_event_control(): fix a user-triggerable oops

we are not guaranteed that anything past the terminating NUL
is mapped (let alone initialized with anything sane).

References

git.kernel.org/stable/c/046667c4d3196938e992fba0dfcde570aa85cd0e

git.kernel.org/stable/c/0fbe2a72e853a1052abe9bc2b7df8ddb102da227

git.kernel.org/stable/c/1b37ec85ad95b612307627758c6018cd9d92cca8

git.kernel.org/stable/c/21b578f1d599edb87462f11113c5b0fc7a04ac61

git.kernel.org/stable/c/43768fa80fd192558737e24ed6548f74554611d7

git.kernel.org/stable/c/ad149f5585345e383baa65f1539d816cd715fd3b

git.kernel.org/stable/c/f1aa7c509aa766080db7ab3aec2e31b1df09e57c

git.kernel.org/stable/c/fa5bfdf6cb5846a00e712d630a43e3cf55ccb411

security-tracker.debian.org/tracker/CVE-2024-45021

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.9

Confidence

Low

JSON

Related for OSV:CVE-2024-45021