Lucene search

Redhat.comRH:CVE-2024-23196

HistoryFeb 06, 2024 - 1:32 p.m.

CVE-2024-23196

2024-02-0613:32:08

redhat.com

access.redhat.com

linux kernel

sound/hda driver

race condition

cve-2024-23196

null pointer

denial of service

5.3 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:N/A:H

4.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

A race condition was found in the Linux kernel’s sound/hda device driver in the snd_hdac_regmap_sync() function. This issue can result in a NULL pointer dereference issue, possibly leading to kernel panic and local denial of service issues.

References

bugzilla.redhat.com/show_bug.cgi?id=2262988

nvd.nist.gov/vuln/detail/CVE-2024-23196

www.cve.org/CVERecord?id=CVE-2024-23196

5.3 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:N/A:H

4.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

Related for RH:CVE-2024-23196