Lucene search

K

416baaa9-dc9f-4396-8d5f-8c081fb06d67NVD:CVE-2024-35904

HistoryMay 19, 2024 - 9:15 a.m.

CVE-2024-35904

2024-05-1909:15:11

416baaa9-dc9f-4396-8d5f-8c081fb06d67

web.nvd.nist.gov

2

linux

kernel

selinux

vulnerability

mount

AI Score

6.4

Confidence

Low

EPSS

0

Percentile

15.5%

In the Linux kernel, the following vulnerability has been resolved:

selinux: avoid dereference of garbage after mount failure

In case kern_mount() fails and returns an error pointer return in the
error branch instead of continuing and dereferencing the error pointer.

While on it drop the never read static variable selinuxfs_mount.

References

www.openwall.com/lists/oss-security/2024/05/30/1

www.openwall.com/lists/oss-security/2024/05/30/2

git.kernel.org/stable/c/37801a36b4d68892ce807264f784d818f8d0d39b

git.kernel.org/stable/c/477ed6789eb9f3f4d3568bb977f90c863c12724e

git.kernel.org/stable/c/68784a5d01b8868ff85a7926676b6729715fff3c

AI Score

6.4

Confidence

Low

EPSS

0

Percentile

15.5%

Related for NVD:CVE-2024-35904

osv5 debiancve1 redhatcve1 cve1 ubuntucve1 vulnrichment1 cvelist1 nessus18 openvas13 ubuntu4