CVE-2024-35813

2024-05-1700:00:00

ubuntu.com

linux kernel

vulnerability

mmc core

array access

AI Score

6.7

Confidence

High

EPSS

Percentile

13.0%

JSON

In the Linux kernel, the following vulnerability has been resolved: mmc:
core: Avoid negative index with array access Commit 4d0c8d0aef63 (“mmc:
core: Use mrq.sbc in close-ended ffu”) assigns prev_idata = idatas[i - 1],
but doesn’t check that the iterator i is greater than zero. Let’s fix this
by adding a check.

OSVersionArchitecturePackageVersionFilename
ubuntu20.04noarchlinux< 5.4.0-189.209UNKNOWN
ubuntu22.04noarchlinux< 5.15.0-116.126UNKNOWN
ubuntu24.04noarchlinux< 6.8.0-35.35UNKNOWN
ubuntu20.04noarchlinux-aws< 5.4.0-1128.138UNKNOWN
ubuntu22.04noarchlinux-aws< 5.15.0-1065.71UNKNOWN
ubuntu24.04noarchlinux-aws< 6.8.0-1009.9UNKNOWN
ubuntu20.04noarchlinux-aws-5.15< 5.15.0-1065.71~20.04.1UNKNOWN
ubuntu18.04noarchlinux-aws-5.4< anyUNKNOWN
ubuntu22.04noarchlinux-aws-6.5< anyUNKNOWN
ubuntu20.04noarchlinux-azure< 5.4.0-1133.140UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	20.04	noarch	linux	< 5.4.0-189.209	UNKNOWN
ubuntu	22.04	noarch	linux	< 5.15.0-116.126	UNKNOWN
ubuntu	24.04	noarch	linux	< 6.8.0-35.35	UNKNOWN
ubuntu	20.04	noarch	linux-aws	< 5.4.0-1128.138	UNKNOWN
ubuntu	22.04	noarch	linux-aws	< 5.15.0-1065.71	UNKNOWN
ubuntu	24.04	noarch	linux-aws	< 6.8.0-1009.9	UNKNOWN
ubuntu	20.04	noarch	linux-aws-5.15	< 5.15.0-1065.71~20.04.1	UNKNOWN
ubuntu	18.04	noarch	linux-aws-5.4	< any	UNKNOWN
ubuntu	22.04	noarch	linux-aws-6.5	< any	UNKNOWN
ubuntu	20.04	noarch	linux-azure	< 5.4.0-1133.140	UNKNOWN