CVE-2024-35916

dma-buf: Fix NULL pointer dereference in sanitycheck()

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved:

dma-buf: Fix NULL pointer dereference in sanitycheck()

If due to a memory allocation failure mock_chain() returns NULL, it is
passed to dma_fence_enable_sw_signaling() resulting in NULL pointer
dereference there.

Call dma_fence_enable_sw_signaling() only if mock_chain() succeeds.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: dma-buf: corrige la desreferencia del puntero NULL en sanitycheck(). Si debido a un error en la asignación de memoria, mock_chain() devuelve NULL, se pasa a dma_fence_enable_sw_signaling(), lo que genera una desreferencia del puntero NULL allí. . Llame a dma_fence_enable_sw_signaling() solo si mock_chain() tiene éxito. Encontrado por el Centro de verificación de Linux (linuxtesting.org) con SVACE.

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-05-17 CVE Reserved
2024-05-19 CVE Published
2024-05-20 EPSS Updated
2024-08-02 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (5)

URL	Tag	Source
https://git.kernel.org/stable/c/d62c43a953ce02d54521ec06217d0c2ed6d489af	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/0336995512cdab0c65e99e4cdd47c4606debe14e	2024-04-10
https://git.kernel.org/stable/c/156c226cbbdcf5f3bce7b2408a33b59fab7fae2c	2024-04-10
https://git.kernel.org/stable/c/eabf131cba1db12005a68378305f13b9090a7a6b	2024-04-10
https://git.kernel.org/stable/c/2295bd846765c766701e666ed2e4b35396be25e6	2024-03-20

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.1 < 6.1.85 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.1 < 6.1.85"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.1 < 6.6.26 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.1 < 6.6.26"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.1 < 6.8.5 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.1 < 6.8.5"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.1 < 6.9 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.1 < 6.9"		en		Affected