{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-26604", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-02-19T14:20:24.129Z", "datePublished": "2024-02-24T14:56:58.273Z", "dateUpdated": "2024-08-02T00:07:19.704Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-05-29T05:19:24.318Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRevert \"kobject: Remove redundant checks for whether ktype is NULL\"\n\nThis reverts commit 1b28cb81dab7c1eedc6034206f4e8d644046ad31.\n\nIt is reported to cause problems, so revert it for now until the root\ncause can be found."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["lib/kobject.c"], "versions": [{"version": "1b28cb81dab7", "lessThan": "7f414d306320", "status": "affected", "versionType": "git"}, {"version": "1b28cb81dab7", "lessThan": "b746d52ce7bc", "status": "affected", "versionType": "git"}, {"version": "1b28cb81dab7", "lessThan": "3ca8fbabcceb", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["lib/kobject.c"], "versions": [{"version": "6.6", "status": "affected"}, {"version": "0", "lessThan": "6.6", "status": "unaffected", "versionType": "custom"}, {"version": "6.6.18", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.7.6", "lessThanOrEqual": "6.7.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.8", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/7f414d306320f837cc3df96cf52161cb8290fb1b"}, {"url": "https://git.kernel.org/stable/c/b746d52ce7bcac325a2fa264216ead85b7fbbfaa"}, {"url": "https://git.kernel.org/stable/c/3ca8fbabcceb8bfe44f7f50640092fd8f1de375c"}], "title": "Revert \"kobject: Remove redundant checks for whether ktype is NULL\"", "x_generator": {"engine": "bippy-a5840b7849dd"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-26604", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-02-28T21:07:11.228544Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-05T17:22:05.219Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:07:19.704Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/7f414d306320f837cc3df96cf52161cb8290fb1b", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b746d52ce7bcac325a2fa264216ead85b7fbbfaa", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/3ca8fbabcceb8bfe44f7f50640092fd8f1de375c", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-26604", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-02-28T21:07:11.228544Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-05T15:20:41.152Z"}}], "cna": {"title": "Revert \"kobject: Remove redundant checks for whether ktype is NULL\"", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "1b28cb81dab7", "lessThan": "7f414d306320", "versionType": "git"}, {"status": "affected", "version": "1b28cb81dab7", "lessThan": "b746d52ce7bc", "versionType": "git"}, {"status": "affected", "version": "1b28cb81dab7", "lessThan": "3ca8fbabcceb", "versionType": "git"}], "programFiles": ["lib/kobject.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "6.6"}, {"status": "unaffected", "version": "0", "lessThan": "6.6", "versionType": "custom"}, {"status": "unaffected", "version": "6.6.18", "versionType": "custom", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.7.6", "versionType": "custom", "lessThanOrEqual": "6.7.*"}, {"status": "unaffected", "version": "6.8", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["lib/kobject.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/7f414d306320f837cc3df96cf52161cb8290fb1b"}, {"url": "https://git.kernel.org/stable/c/b746d52ce7bcac325a2fa264216ead85b7fbbfaa"}, {"url": "https://git.kernel.org/stable/c/3ca8fbabcceb8bfe44f7f50640092fd8f1de375c"}], "x_generator": {"engine": "bippy-a5840b7849dd"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRevert \"kobject: Remove redundant checks for whether ktype is NULL\"\n\nThis reverts commit 1b28cb81dab7c1eedc6034206f4e8d644046ad31.\n\nIt is reported to cause problems, so revert it for now until the root\ncause can be found."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-05-29T05:19:24.318Z"}}}, "cveMetadata": {"cveId": "CVE-2024-26604", "state": "PUBLISHED", "dateUpdated": "2024-07-05T17:22:05.219Z", "dateReserved": "2024-02-19T14:20:24.129Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-02-24T14:56:58.273Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "6B01C40A-3045-4566-BF8E-BAE6C4DB3469", "versionEndExcluding": "6.6.18", "versionStartIncluding": "6.6.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "0C8D1FAD-4D5D-4A25-B058-2AD15082710E", "versionEndExcluding": "6.7.6", "versionStartIncluding": "6.7.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRevert \"kobject: Remove redundant checks for whether ktype is NULL\"\n\nThis reverts commit 1b28cb81dab7c1eedc6034206f4e8d644046ad31.\n\nIt is reported to cause problems, so revert it for now until the root\ncause can be found."}, {"lang": "es", "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: Revertir \"kobject: eliminar comprobaciones redundantes para saber si ktype es NULL\" Esto revierte el commit 1b28cb81dab7c1eedc6034206f4e8d644046ad31. Se informa que causa problemas, as\u00ed que rev\u00edselo por ahora hasta que se pueda encontrar la causa ra\u00edz."}], "id": "CVE-2024-26604", "lastModified": "2024-04-17T17:55:23.003", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-02-26T16:28:00.150", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/3ca8fbabcceb8bfe44f7f50640092fd8f1de375c"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/7f414d306320f837cc3df96cf52161cb8290fb1b"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/b746d52ce7bcac325a2fa264216ead85b7fbbfaa"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: null pointer dereference in kobject", "id": "2266257", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266257"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-476", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nRevert \"kobject: Remove redundant checks for whether ktype is NULL\"\nThis reverts commit 1b28cb81dab7c1eedc6034206f4e8d644046ad31.\nIt is reported to cause problems, so revert it for now until the root\ncause can be found.", "A vulnerability was found in the Linux kernel. A NULL pointer dereference exists in kobject."], "name": "CVE-2024-26604", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-02-26T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-26604\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-26604\nhttps://git.kernel.org/stable/c/3ca8fbabcceb8bfe44f7f50640092fd8f1de375c\nhttps://git.kernel.org/stable/c/7f414d306320f837cc3df96cf52161cb8290fb1b\nhttps://git.kernel.org/stable/c/b746d52ce7bcac325a2fa264216ead85b7fbbfaa"], "statement": "Red Hat Enterprise Linux 9 and 8 are not affected by this vulnerability.", "threat_severity": "Moderate"}