CVE - CVE-2024-27046

CVE-ID
CVE-2024-27046	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: nfp: flower: handle acti_netdevs allocation failure The kmalloc_array() in nfp_fl_lag_do_work() will return null, if the physical memory has run out. As a result, if we dereference the acti_netdevs, the null pointer dereference bugs will happen. This patch adds a check to judge whether allocation failure occurs. If it happens, the delayed work will be rescheduled and try again.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/0d387dc503f9a53e6d1f6e9dd0292d38f083eba5 URL:https://git.kernel.org/stable/c/0d387dc503f9a53e6d1f6e9dd0292d38f083eba5 MISC:https://git.kernel.org/stable/c/3b1e8a617eb0f4cdc19def530047a95b5abde07d URL:https://git.kernel.org/stable/c/3b1e8a617eb0f4cdc19def530047a95b5abde07d MISC:https://git.kernel.org/stable/c/408ba7fd04f959c61b50db79c983484312fea642 URL:https://git.kernel.org/stable/c/408ba7fd04f959c61b50db79c983484312fea642 MISC:https://git.kernel.org/stable/c/84e95149bd341705f0eca6a7fcb955c548805002 URL:https://git.kernel.org/stable/c/84e95149bd341705f0eca6a7fcb955c548805002 MISC:https://git.kernel.org/stable/c/928705e341010dd910fdece61ccb974f494a758f URL:https://git.kernel.org/stable/c/928705e341010dd910fdece61ccb974f494a758f MISC:https://git.kernel.org/stable/c/9d8eb1238377cd994829f9162ae396a84ae037b2 URL:https://git.kernel.org/stable/c/9d8eb1238377cd994829f9162ae396a84ae037b2 MISC:https://git.kernel.org/stable/c/c8df9203bf22c66fa26e8d8c7f8ce181cf88099d URL:https://git.kernel.org/stable/c/c8df9203bf22c66fa26e8d8c7f8ce181cf88099d MISC:https://git.kernel.org/stable/c/c9b4e220dd18f79507803f38a55d53b483f6c9c3 URL:https://git.kernel.org/stable/c/c9b4e220dd18f79507803f38a55d53b483f6c9c3 MISC:https://git.kernel.org/stable/c/d746889db75a76aeee95fb705b8e1ac28c684a2e URL:https://git.kernel.org/stable/c/d746889db75a76aeee95fb705b8e1ac28c684a2e MLIST:[debian-lts-announce] 20240625 [SECURITY] [DLA 3842-1] linux-5.10 security update URL:https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html MLIST:[debian-lts-announce] 20240627 [SECURITY] [DLA 3840-1] linux security update URL:https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
Assigning CNA
kernel.org
Date Record Created
20240219	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20240219)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)

Use of the CVE® List and the associated references from this website are subject to the terms of use. CVE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA). Copyright © 1999–2024, The MITRE Corporation. CVE and the CVE logo are registered trademarks of The MITRE Corporation.