OpenCVE

In the Linux kernel, the following vulnerability has been resolved: pstore/zone: Add a null pointer check to the psz_kmsg_read kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure. Ensure the allocation was successful by checking the pointer validity.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/0ff96ec22a84d80a18d7ae8ca7eb111c34ee33bb
https://git.kernel.org/stable/c/635594cca59f9d7a8e96187600c34facb8bc0682
https://git.kernel.org/stable/c/6f9f2e498eae7897ba5d3e33908917f68ff4abcc
https://git.kernel.org/stable/c/98bc7e26e14fbb26a6abf97603d59532475e97f8
https://git.kernel.org/stable/c/98e2b97acb875d65bdfc75fc408e67975cef3041
https://git.kernel.org/stable/c/ec7256887d072f98c42cdbef4dcc80ddf84c7a70
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
https://lore.kernel.org/linux-cve-announce/2024051919-CVE-2024-35940-5c73@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2024-35940
https://www.cve.org/CVERecord?id=CVE-2024-35940

History

Fri, 22 Nov 2024 12:00:00 +0000

Type	Values Removed	Values Added
References		https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html

Tue, 05 Nov 2024 16:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-476
References	https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-05-19T10:10:45.582Z

Updated: 2024-11-05T15:42:36.316Z

Reserved: 2024-05-17T13:50:33.131Z

Link: CVE-2024-35940

Vulnrichment

Updated: 2024-08-02T03:21:49.063Z

NVD

Status : Awaiting Analysis

Published: 2024-05-19T11:15:49.757

Modified: 2024-11-21T09:21:15.043

Link: CVE-2024-35940

Redhat

Severity : Moderate

Publid Date: 2024-05-19T00:00:00Z

Links: CVE-2024-35940 - Bugzilla

{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2024-35940", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-05-17T13:50:33.131Z", "datePublished": "2024-05-19T10:10:45.582Z", "dateUpdated": "2024-11-05T15:42:36.316Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-05T09:25:24.504Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\npstore/zone: Add a null pointer check to the psz_kmsg_read\n\nkasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure. Ensure the allocation was successful\nby checking the pointer validity."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/pstore/zone.c"], "versions": [{"version": "1da177e4c3f4", "lessThan": "98e2b97acb87", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "0ff96ec22a84", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "635594cca59f", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "ec7256887d07", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "6f9f2e498eae", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "98bc7e26e14f", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/pstore/zone.c"], "versions": [{"version": "5.10.215", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.155", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.86", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.27", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.8.6", "lessThanOrEqual": "6.8.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.9", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/98e2b97acb875d65bdfc75fc408e67975cef3041"}, {"url": "https://git.kernel.org/stable/c/0ff96ec22a84d80a18d7ae8ca7eb111c34ee33bb"}, {"url": "https://git.kernel.org/stable/c/635594cca59f9d7a8e96187600c34facb8bc0682"}, {"url": "https://git.kernel.org/stable/c/ec7256887d072f98c42cdbef4dcc80ddf84c7a70"}, {"url": "https://git.kernel.org/stable/c/6f9f2e498eae7897ba5d3e33908917f68ff4abcc"}, {"url": "https://git.kernel.org/stable/c/98bc7e26e14fbb26a6abf97603d59532475e97f8"}], "title": "pstore/zone: Add a null pointer check to the psz_kmsg_read", "x_generator": {"engine": "bippy-9e1c9544281a"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:21:49.063Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/98e2b97acb875d65bdfc75fc408e67975cef3041", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/0ff96ec22a84d80a18d7ae8ca7eb111c34ee33bb", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/635594cca59f9d7a8e96187600c34facb8bc0682", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ec7256887d072f98c42cdbef4dcc80ddf84c7a70", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/6f9f2e498eae7897ba5d3e33908917f68ff4abcc", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/98bc7e26e14fbb26a6abf97603d59532475e97f8", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": ["x_transferred"]}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-476", "lang": "en", "description": "CWE-476 NULL Pointer Dereference"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-05-20T15:01:33.845156Z", "id": "CVE-2024-35940", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-05T15:42:36.316Z"}}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/98e2b97acb875d65bdfc75fc408e67975cef3041", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/0ff96ec22a84d80a18d7ae8ca7eb111c34ee33bb", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/635594cca59f9d7a8e96187600c34facb8bc0682", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ec7256887d072f98c42cdbef4dcc80ddf84c7a70", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/6f9f2e498eae7897ba5d3e33908917f68ff4abcc", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/98bc7e26e14fbb26a6abf97603d59532475e97f8", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:21:49.063Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-35940", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-20T15:01:33.845156Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-20T15:00:48.774Z"}}], "cna": {"title": "pstore/zone: Add a null pointer check to the psz_kmsg_read", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "1da177e4c3f4", "lessThan": "98e2b97acb87", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "0ff96ec22a84", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "635594cca59f", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "ec7256887d07", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "6f9f2e498eae", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "98bc7e26e14f", "versionType": "git"}], "programFiles": ["fs/pstore/zone.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "unaffected", "version": "5.10.215", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.155", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.86", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.27", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.8.6", "versionType": "semver", "lessThanOrEqual": "6.8.*"}, {"status": "unaffected", "version": "6.9", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["fs/pstore/zone.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/98e2b97acb875d65bdfc75fc408e67975cef3041"}, {"url": "https://git.kernel.org/stable/c/0ff96ec22a84d80a18d7ae8ca7eb111c34ee33bb"}, {"url": "https://git.kernel.org/stable/c/635594cca59f9d7a8e96187600c34facb8bc0682"}, {"url": "https://git.kernel.org/stable/c/ec7256887d072f98c42cdbef4dcc80ddf84c7a70"}, {"url": "https://git.kernel.org/stable/c/6f9f2e498eae7897ba5d3e33908917f68ff4abcc"}, {"url": "https://git.kernel.org/stable/c/98bc7e26e14fbb26a6abf97603d59532475e97f8"}], "x_generator": {"engine": "bippy-9e1c9544281a"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\npstore/zone: Add a null pointer check to the psz_kmsg_read\n\nkasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure. Ensure the allocation was successful\nby checking the pointer validity."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-05T09:25:24.504Z"}}}, "cveMetadata": {"cveId": "CVE-2024-35940", "state": "PUBLISHED", "dateUpdated": "2024-11-05T15:42:36.316Z", "dateReserved": "2024-05-17T13:50:33.131Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-05-19T10:10:45.582Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\npstore/zone: Add a null pointer check to the psz_kmsg_read\n\nkasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure. Ensure the allocation was successful\nby checking the pointer validity."}, {"lang": "es", "value": " En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: pstore/zone: agregue una verificaci\u00f3n de puntero null a psz_kmsg_read kasprintf() devuelve un puntero a la memoria asignada din\u00e1micamente que puede ser NULL en caso de falla. Aseg\u00farese de que la asignaci\u00f3n haya sido exitosa verificando la validez del puntero."}], "id": "CVE-2024-35940", "lastModified": "2024-11-21T09:21:15.043", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-05-19T11:15:49.757", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/0ff96ec22a84d80a18d7ae8ca7eb111c34ee33bb"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/635594cca59f9d7a8e96187600c34facb8bc0682"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/6f9f2e498eae7897ba5d3e33908917f68ff4abcc"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/98bc7e26e14fbb26a6abf97603d59532475e97f8"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/98e2b97acb875d65bdfc75fc408e67975cef3041"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/ec7256887d072f98c42cdbef4dcc80ddf84c7a70"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/0ff96ec22a84d80a18d7ae8ca7eb111c34ee33bb"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/635594cca59f9d7a8e96187600c34facb8bc0682"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/6f9f2e498eae7897ba5d3e33908917f68ff4abcc"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/98bc7e26e14fbb26a6abf97603d59532475e97f8"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/98e2b97acb875d65bdfc75fc408e67975cef3041"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/ec7256887d072f98c42cdbef4dcc80ddf84c7a70"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"bugzilla": {"description": "kernel: pstore/zone: Add a null pointer check to the psz_kmsg_read", "id": "2281815", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281815"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\npstore/zone: Add a null pointer check to the psz_kmsg_read\nkasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure. Ensure the allocation was successful\nby checking the pointer validity.", "A vulnerability was found in the Linux kernel's `pstore/zone` subsystem, specifically in the `psz_kmsg_read` function. The issue occurs because `kasprintf()` can return a NULL pointer if memory allocation fails, but there was no check for this in the affected code."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-35940", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-19T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-35940\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-35940\nhttps://lore.kernel.org/linux-cve-announce/2024051919-CVE-2024-35940-5c73@gregkh/T"], "statement": "Red Hat Enterprise Linux is not vulnerable to this CVE, as it does not affect the versions or configurations of the Linux kernel used in its distributions.", "threat_severity": "Moderate", "upstream_fix": "kernel 5.10.215, kernel 5.15.155, kernel 6.1.86, kernel 6.6.27, kernel 6.8.6, kernel 6.9"}