CVE - CVE-2024-35813

CVE-ID
CVE-2024-35813	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: mmc: core: Avoid negative index with array access Commit 4d0c8d0aef63 ("mmc: core: Use mrq.sbc in close-ended ffu") assigns prev_idata = idatas[i - 1], but doesn't check that the iterator i is greater than zero. Let's fix this by adding a check.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/064db53f9023a2d5877a2d12de6bc27995f6ca56 URL:https://git.kernel.org/stable/c/064db53f9023a2d5877a2d12de6bc27995f6ca56 MISC:https://git.kernel.org/stable/c/2b539c88940e22494da80a93ee1c5a28bbad10f6 URL:https://git.kernel.org/stable/c/2b539c88940e22494da80a93ee1c5a28bbad10f6 MISC:https://git.kernel.org/stable/c/4466677dcabe2d70de6aa3d4bd4a4fafa94a71f2 URL:https://git.kernel.org/stable/c/4466677dcabe2d70de6aa3d4bd4a4fafa94a71f2 MISC:https://git.kernel.org/stable/c/7d0e8a6147550aa058fa6ade8583ad252aa61304 URL:https://git.kernel.org/stable/c/7d0e8a6147550aa058fa6ade8583ad252aa61304 MISC:https://git.kernel.org/stable/c/81b8645feca08a54c7c4bf36e7b176f4983b2f28 URL:https://git.kernel.org/stable/c/81b8645feca08a54c7c4bf36e7b176f4983b2f28 MISC:https://git.kernel.org/stable/c/ad9cc5e9e53ab94aa0c7ac65d43be7eb208dcb55 URL:https://git.kernel.org/stable/c/ad9cc5e9e53ab94aa0c7ac65d43be7eb208dcb55 MISC:https://git.kernel.org/stable/c/b9a7339ae403035ffe7fc37cb034b36947910f68 URL:https://git.kernel.org/stable/c/b9a7339ae403035ffe7fc37cb034b36947910f68 MISC:https://git.kernel.org/stable/c/cf55a7acd1ed38afe43bba1c8a0935b51d1dc014 URL:https://git.kernel.org/stable/c/cf55a7acd1ed38afe43bba1c8a0935b51d1dc014 MLIST:[debian-lts-announce] 20240625 [SECURITY] [DLA 3842-1] linux-5.10 security update URL:https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
Assigning CNA
kernel.org
Date Record Created
20240517	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20240517)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)

Use of the CVE® List and the associated references from this website are subject to the terms of use. CVE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA). Copyright © 1999–2024, The MITRE Corporation. CVE and the CVE logo are registered trademarks of The MITRE Corporation.