CVE-2024-26771 - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: edma: Add some null pointer checks to the edma_probe devm_kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure. Ensure the allocation was successful by checking the pointer validity.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/4fe4e5adc7d29d214c59b59f61db73dec505ca3d
https://git.kernel.org/stable/c/6e2276203ac9ff10fc76917ec9813c660f627369
https://git.kernel.org/stable/c/7b24760f3a3c7ae1a176d343136b6c25174b7b27
https://git.kernel.org/stable/c/9d508c897153ae8dd79303f7f035f078139f6b49
https://git.kernel.org/stable/c/c432094aa7c9970f2fa10d2305d550d3810657ce
https://git.kernel.org/stable/c/f2a5e30d1e9a629de6179fa23923a318d5feb29e
https://lore.kernel.org/linux-cve-announce/2024040307-CVE-2024-26771-b6de@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2024-26771
https://www.cve.org/CVERecord?id=CVE-2024-26771

History

Tue, 05 Nov 2024 10:45:00 +0000

Type	Values Removed	Values Added
References	https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-04-03T17:00:57.918Z

Updated: 2024-11-05T09:15:30.551Z

Reserved: 2024-02-19T14:20:24.175Z

Link: CVE-2024-26771

Vulnrichment

Updated: 2024-05-23T19:01:22.414Z

NVD

Status : Awaiting Analysis

Published: 2024-04-03T17:15:52.967

Modified: 2024-11-05T10:15:48.483

Link: CVE-2024-26771

Redhat

Severity : Moderate

Publid Date: 2024-04-03T00:00:00Z

Links: CVE-2024-26771 - Bugzilla

{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2024-26771", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-02-19T14:20:24.175Z", "datePublished": "2024-04-03T17:00:57.918Z", "dateUpdated": "2024-11-05T09:15:30.551Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-05T09:15:30.551Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: ti: edma: Add some null pointer checks to the edma_probe\n\ndevm_kasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure. Ensure the allocation was successful\nby checking the pointer validity."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/dma/ti/edma.c"], "versions": [{"version": "1da177e4c3f4", "lessThan": "c432094aa7c9", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "4fe4e5adc7d2", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "9d508c897153", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "7b24760f3a3c", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "f2a5e30d1e9a", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "6e2276203ac9", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/dma/ti/edma.c"], "versions": [{"version": "5.10.211", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.150", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.80", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.19", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.7.7", "lessThanOrEqual": "6.7.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.8", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/c432094aa7c9970f2fa10d2305d550d3810657ce"}, {"url": "https://git.kernel.org/stable/c/4fe4e5adc7d29d214c59b59f61db73dec505ca3d"}, {"url": "https://git.kernel.org/stable/c/9d508c897153ae8dd79303f7f035f078139f6b49"}, {"url": "https://git.kernel.org/stable/c/7b24760f3a3c7ae1a176d343136b6c25174b7b27"}, {"url": "https://git.kernel.org/stable/c/f2a5e30d1e9a629de6179fa23923a318d5feb29e"}, {"url": "https://git.kernel.org/stable/c/6e2276203ac9ff10fc76917ec9813c660f627369"}], "title": "dmaengine: ti: edma: Add some null pointer checks to the edma_probe", "x_generator": {"engine": "bippy-9e1c9544281a"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-26771", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-04-08T14:05:41.933267Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:48:46.373Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:14:13.369Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/c432094aa7c9970f2fa10d2305d550d3810657ce", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/4fe4e5adc7d29d214c59b59f61db73dec505ca3d", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9d508c897153ae8dd79303f7f035f078139f6b49", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/7b24760f3a3c7ae1a176d343136b6c25174b7b27", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/f2a5e30d1e9a629de6179fa23923a318d5feb29e", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/6e2276203ac9ff10fc76917ec9813c660f627369", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": ["x_transferred"]}]}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-26771", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-04-08T14:05:41.933267Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-23T19:01:22.414Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"title": "dmaengine: ti: edma: Add some null pointer checks to the edma_probe", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "1da177e4c3f4", "lessThan": "c432094aa7c9", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "4fe4e5adc7d2", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "9d508c897153", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "7b24760f3a3c", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "f2a5e30d1e9a", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "6e2276203ac9", "versionType": "git"}], "programFiles": ["drivers/dma/ti/edma.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "unaffected", "version": "5.10.211", "versionType": "custom", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.150", "versionType": "custom", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.80", "versionType": "custom", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.19", "versionType": "custom", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.7.7", "versionType": "custom", "lessThanOrEqual": "6.7.*"}, {"status": "unaffected", "version": "6.8", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/dma/ti/edma.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/c432094aa7c9970f2fa10d2305d550d3810657ce"}, {"url": "https://git.kernel.org/stable/c/4fe4e5adc7d29d214c59b59f61db73dec505ca3d"}, {"url": "https://git.kernel.org/stable/c/9d508c897153ae8dd79303f7f035f078139f6b49"}, {"url": "https://git.kernel.org/stable/c/7b24760f3a3c7ae1a176d343136b6c25174b7b27"}, {"url": "https://git.kernel.org/stable/c/f2a5e30d1e9a629de6179fa23923a318d5feb29e"}, {"url": "https://git.kernel.org/stable/c/6e2276203ac9ff10fc76917ec9813c660f627369"}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"}], "x_generator": {"engine": "bippy-a5840b7849dd"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: ti: edma: Add some null pointer checks to the edma_probe\n\ndevm_kasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure. Ensure the allocation was successful\nby checking the pointer validity."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-05-29T05:22:26.609Z"}}}, "cveMetadata": {"cveId": "CVE-2024-26771", "state": "PUBLISHED", "dateUpdated": "2024-05-29T05:22:26.609Z", "dateReserved": "2024-02-19T14:20:24.175Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-04-03T17:00:57.918Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"bugzilla": {"description": "kernel: dmaengine: ti: edma: Add some null pointer checks to the edma_probe", "id": "2273238", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273238"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.4", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-170", "details": ["In the Linux kernel, the following vulnerability has been resolved:\ndmaengine: ti: edma: Add some null pointer checks to the edma_probe\ndevm_kasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure. Ensure the allocation was successful\nby checking the pointer validity.", "A vulnerability was found in the devm_kasprintf() function in the Enhanced Direct Memory Access (TI EDMA) driver in the Linux kernel, which returns a pointer to dynamically allocated memory. This pointer could return NULL if the function fails, which could result in crashes or undefined behavior."], "name": "CVE-2024-26771", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Will not fix", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Will not fix", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-04-03T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-26771\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-26771\nhttps://lore.kernel.org/linux-cve-announce/2024040307-CVE-2024-26771-b6de@gregkh/T"], "statement": "Red Hat Enterprise Linux 8 and 9 are not affected by this vulnerability because they do not build the affected driver.", "threat_severity": "Moderate", "upstream_fix": "kernel 5.10.211, kernel 5.15.150, kernel 6.1.80, kernel 6.6.19, kernel 6.7.7, kernel 6.8"}