Lucene search

PRIOn knowledge basePRION:CVE-2024-24855

HistoryFeb 05, 2024 - 8:15 a.m.

Race condition

2024-02-0508:15:00

PRIOn knowledge base

www.prio-n.com

linux

kernel

scsi

driver

race condition

null pointer

denial of service

4.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

7 High

AI Score

Confidence

Low

1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:H/Au:S/C:N/I:N/A:P

0.0004 Low

EPSS

Percentile

7.0%

JSON

A race condition was found in the Linux kernel’s scsi device driver in lpfc_unregister_fcf_rescan() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue.

CPENameOperatorVersion
linux_kerneleq2.6.34 rc1
linux_kernelle2.6.33.20
linux_kerneleq6.5 rc1
linux_kernelge6.0
linux_kernelle6.4.16

Name	Operator	Version
linux_kernel	eq	2.6.34 rc1
linux_kernel	le	2.6.33.20
linux_kernel	eq	6.5 rc1
linux_kernel	ge	6.0
linux_kernel	le	6.4.16

References

bugzilla.openanolis.cn/show_bug.cgi?id=8149

4.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

7 High

AI Score

Confidence

Low

1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:H/Au:S/C:N/I:N/A:P

0.0004 Low

EPSS

Percentile

7.0%

JSON

Related for PRION:CVE-2024-24855