cvelistv5 - CVE-2024-57894

CVE-2024-57894

Vulnerability from cvelistv5

Published

2025-01-15 13:05

Modified

2025-01-20 06:29

Severity ?

Summary

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_core: Fix sleeping function called from invalid context This reworks hci_cb_list to not use mutex hci_cb_list_lock to avoid bugs like the bellow: BUG: sleeping function called from invalid context at kernel/locking/mutex.c:585 in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 5070, name: kworker/u9:2 preempt_count: 0, expected: 0 RCU nest depth: 1, expected: 0 4 locks held by kworker/u9:2/5070: #0: ffff888015be3948 ((wq_completion)hci0#2){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3229 [inline] #0: ffff888015be3948 ((wq_completion)hci0#2){+.+.}-{0:0}, at: process_scheduled_works+0x8e0/0x1770 kernel/workqueue.c:3335 #1: ffffc90003b6fd00 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3230 [inline] #1: ffffc90003b6fd00 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x91b/0x1770 kernel/workqueue.c:3335 #2: ffff8880665d0078 (&hdev->lock){+.+.}-{3:3}, at: hci_le_create_big_complete_evt+0xcf/0xae0 net/bluetooth/hci_event.c:6914 #3: ffffffff8e132020 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:298 [inline] #3: ffffffff8e132020 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:750 [inline] #3: ffffffff8e132020 (rcu_read_lock){....}-{1:2}, at: hci_le_create_big_complete_evt+0xdb/0xae0 net/bluetooth/hci_event.c:6915 CPU: 0 PID: 5070 Comm: kworker/u9:2 Not tainted 6.8.0-syzkaller-08073-g480e035fc4c7 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 Workqueue: hci0 hci_rx_work Call Trace: <TASK> __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114 __might_resched+0x5d4/0x780 kernel/sched/core.c:10187 __mutex_lock_common kernel/locking/mutex.c:585 [inline] __mutex_lock+0xc1/0xd70 kernel/locking/mutex.c:752 hci_connect_cfm include/net/bluetooth/hci_core.h:2004 [inline] hci_le_create_big_complete_evt+0x3d9/0xae0 net/bluetooth/hci_event.c:6939 hci_event_func net/bluetooth/hci_event.c:7514 [inline] hci_event_packet+0xa53/0x1540 net/bluetooth/hci_event.c:7569 hci_rx_work+0x3e8/0xca0 net/bluetooth/hci_core.c:4171 process_one_work kernel/workqueue.c:3254 [inline] process_scheduled_works+0xa00/0x1770 kernel/workqueue.c:3335 worker_thread+0x86d/0xd70 kernel/workqueue.c:3416 kthread+0x2f0/0x390 kernel/kthread.c:388 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:243 </TASK>

References

▼	URL	Tags
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/028a68886ead0764f4b26adfcaebf9f1955e76ea
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/4a31c018bfe4de84c0741aadd2c913a2490b186d
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/4d94f05558271654670d18c26c912da0c1c15549
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/bef333418368c58690b501894324c09124e4614f

Impacted products

Vendor

Product

Version

▼

Linux

Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "include/net/bluetooth/hci_core.h",
            "net/bluetooth/hci_core.c",
            "net/bluetooth/iso.c",
            "net/bluetooth/l2cap_core.c",
            "net/bluetooth/rfcomm/core.c",
            "net/bluetooth/sco.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "028a68886ead0764f4b26adfcaebf9f1955e76ea",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "bef333418368c58690b501894324c09124e4614f",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "4a31c018bfe4de84c0741aadd2c913a2490b186d",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "4d94f05558271654670d18c26c912da0c1c15549",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "include/net/bluetooth/hci_core.h",
            "net/bluetooth/hci_core.c",
            "net/bluetooth/iso.c",
            "net/bluetooth/l2cap_core.c",
            "net/bluetooth/rfcomm/core.c",
            "net/bluetooth/sco.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.124",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.70",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.9",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_core: Fix sleeping function called from invalid context\n\nThis reworks hci_cb_list to not use mutex hci_cb_list_lock to avoid bugs\nlike the bellow:\n\nBUG: sleeping function called from invalid context at kernel/locking/mutex.c:585\nin_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 5070, name: kworker/u9:2\npreempt_count: 0, expected: 0\nRCU nest depth: 1, expected: 0\n4 locks held by kworker/u9:2/5070:\n #0: ffff888015be3948 ((wq_completion)hci0#2){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3229 [inline]\n #0: ffff888015be3948 ((wq_completion)hci0#2){+.+.}-{0:0}, at: process_scheduled_works+0x8e0/0x1770 kernel/workqueue.c:3335\n #1: ffffc90003b6fd00 ((work_completion)(\u0026hdev-\u003erx_work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3230 [inline]\n #1: ffffc90003b6fd00 ((work_completion)(\u0026hdev-\u003erx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x91b/0x1770 kernel/workqueue.c:3335\n #2: ffff8880665d0078 (\u0026hdev-\u003elock){+.+.}-{3:3}, at: hci_le_create_big_complete_evt+0xcf/0xae0 net/bluetooth/hci_event.c:6914\n #3: ffffffff8e132020 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:298 [inline]\n #3: ffffffff8e132020 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:750 [inline]\n #3: ffffffff8e132020 (rcu_read_lock){....}-{1:2}, at: hci_le_create_big_complete_evt+0xdb/0xae0 net/bluetooth/hci_event.c:6915\nCPU: 0 PID: 5070 Comm: kworker/u9:2 Not tainted 6.8.0-syzkaller-08073-g480e035fc4c7 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024\nWorkqueue: hci0 hci_rx_work\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114\n __might_resched+0x5d4/0x780 kernel/sched/core.c:10187\n __mutex_lock_common kernel/locking/mutex.c:585 [inline]\n __mutex_lock+0xc1/0xd70 kernel/locking/mutex.c:752\n hci_connect_cfm include/net/bluetooth/hci_core.h:2004 [inline]\n hci_le_create_big_complete_evt+0x3d9/0xae0 net/bluetooth/hci_event.c:6939\n hci_event_func net/bluetooth/hci_event.c:7514 [inline]\n hci_event_packet+0xa53/0x1540 net/bluetooth/hci_event.c:7569\n hci_rx_work+0x3e8/0xca0 net/bluetooth/hci_core.c:4171\n process_one_work kernel/workqueue.c:3254 [inline]\n process_scheduled_works+0xa00/0x1770 kernel/workqueue.c:3335\n worker_thread+0x86d/0xd70 kernel/workqueue.c:3416\n kthread+0x2f0/0x390 kernel/kthread.c:388\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:243\n \u003c/TASK\u003e"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-20T06:29:03.988Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/028a68886ead0764f4b26adfcaebf9f1955e76ea"
        },
        {
          "url": "https://git.kernel.org/stable/c/bef333418368c58690b501894324c09124e4614f"
        },
        {
          "url": "https://git.kernel.org/stable/c/4a31c018bfe4de84c0741aadd2c913a2490b186d"
        },
        {
          "url": "https://git.kernel.org/stable/c/4d94f05558271654670d18c26c912da0c1c15549"
        }
      ],
      "title": "Bluetooth: hci_core: Fix sleeping function called from invalid context",
      "x_generator": {
        "engine": "bippy-5f407fcff5a0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-57894",
    "datePublished": "2025-01-15T13:05:46.564Z",
    "dateReserved": "2025-01-11T14:45:42.028Z",
    "dateUpdated": "2025-01-20T06:29:03.988Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-57894\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-01-15T13:15:13.943\",\"lastModified\":\"2025-01-15T13:15:13.943\",\"vulnStatus\":\"Received\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nBluetooth: hci_core: Fix sleeping function called from invalid context\\n\\nThis reworks hci_cb_list to not use mutex hci_cb_list_lock to avoid bugs\\nlike the bellow:\\n\\nBUG: sleeping function called from invalid context at kernel/locking/mutex.c:585\\nin_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 5070, name: kworker/u9:2\\npreempt_count: 0, expected: 0\\nRCU nest depth: 1, expected: 0\\n4 locks held by kworker/u9:2/5070:\\n #0: ffff888015be3948 ((wq_completion)hci0#2){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3229 [inline]\\n #0: ffff888015be3948 ((wq_completion)hci0#2){+.+.}-{0:0}, at: process_scheduled_works+0x8e0/0x1770 kernel/workqueue.c:3335\\n #1: ffffc90003b6fd00 ((work_completion)(\u0026hdev-\u003erx_work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3230 [inline]\\n #1: ffffc90003b6fd00 ((work_completion)(\u0026hdev-\u003erx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x91b/0x1770 kernel/workqueue.c:3335\\n #2: ffff8880665d0078 (\u0026hdev-\u003elock){+.+.}-{3:3}, at: hci_le_create_big_complete_evt+0xcf/0xae0 net/bluetooth/hci_event.c:6914\\n #3: ffffffff8e132020 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:298 [inline]\\n #3: ffffffff8e132020 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:750 [inline]\\n #3: ffffffff8e132020 (rcu_read_lock){....}-{1:2}, at: hci_le_create_big_complete_evt+0xdb/0xae0 net/bluetooth/hci_event.c:6915\\nCPU: 0 PID: 5070 Comm: kworker/u9:2 Not tainted 6.8.0-syzkaller-08073-g480e035fc4c7 #0\\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024\\nWorkqueue: hci0 hci_rx_work\\nCall Trace:\\n \u003cTASK\u003e\\n __dump_stack lib/dump_stack.c:88 [inline]\\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114\\n __might_resched+0x5d4/0x780 kernel/sched/core.c:10187\\n __mutex_lock_common kernel/locking/mutex.c:585 [inline]\\n __mutex_lock+0xc1/0xd70 kernel/locking/mutex.c:752\\n hci_connect_cfm include/net/bluetooth/hci_core.h:2004 [inline]\\n hci_le_create_big_complete_evt+0x3d9/0xae0 net/bluetooth/hci_event.c:6939\\n hci_event_func net/bluetooth/hci_event.c:7514 [inline]\\n hci_event_packet+0xa53/0x1540 net/bluetooth/hci_event.c:7569\\n hci_rx_work+0x3e8/0xca0 net/bluetooth/hci_core.c:4171\\n process_one_work kernel/workqueue.c:3254 [inline]\\n process_scheduled_works+0xa00/0x1770 kernel/workqueue.c:3335\\n worker_thread+0x86d/0xd70 kernel/workqueue.c:3416\\n kthread+0x2f0/0x390 kernel/kthread.c:388\\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:243\\n \u003c/TASK\u003e\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: Bluetooth: hci_core: Se corrige la funci\u00f3n inactiva llamada desde un contexto no v\u00e1lido. Esto modifica hci_cb_list para que no use mutex hci_cb_list_lock para evitar errores como el siguiente: ERROR: funci\u00f3n inactiva llamada desde un contexto no v\u00e1lido en kernel/locking/mutex.c:585 in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 5070, name: kworker/u9:2 preempt_count: 0, expected: 0 RCU nest depth: 1, expected: 0 4 locks held by kworker/u9:2/5070: #0: ffff888015be3948 ((wq_completion)hci0#2){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3229 [inline] #0: ffff888015be3948 ((wq_completion)hci0#2){+.+.}-{0:0}, at: process_scheduled_works+0x8e0/0x1770 kernel/workqueue.c:3335 #1: ffffc90003b6fd00 ((work_completion)(\u0026amp;hdev-\u0026gt;rx_work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3230 [inline] #1: ffffc90003b6fd00 ((work_completion)(\u0026amp;hdev-\u0026gt;rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x91b/0x1770 kernel/workqueue.c:3335 #2: ffff8880665d0078 (\u0026amp;hdev-\u0026gt;lock){+.+.}-{3:3}, at: hci_le_create_big_complete_evt+0xcf/0xae0 net/bluetooth/hci_event.c:6914 #3: ffffffff8e132020 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:298 [inline] #3: ffffffff8e132020 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:750 [inline] #3: ffffffff8e132020 (rcu_read_lock){....}-{1:2}, at: hci_le_create_big_complete_evt+0xdb/0xae0 net/bluetooth/hci_event.c:6915 CPU: 0 PID: 5070 Comm: kworker/u9:2 Not tainted 6.8.0-syzkaller-08073-g480e035fc4c7 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 Workqueue: hci0 hci_rx_work Call Trace:  __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114 __might_resched+0x5d4/0x780 kernel/sched/core.c:10187 __mutex_lock_common kernel/locking/mutex.c:585 [inline] __mutex_lock+0xc1/0xd70 kernel/locking/mutex.c:752 hci_connect_cfm include/net/bluetooth/hci_core.h:2004 [inline] hci_le_create_big_complete_evt+0x3d9/0xae0 net/bluetooth/hci_event.c:6939 hci_event_func net/bluetooth/hci_event.c:7514 [inline] hci_event_packet+0xa53/0x1540 net/bluetooth/hci_event.c:7569 hci_rx_work+0x3e8/0xca0 net/bluetooth/hci_core.c:4171 process_one_work kernel/workqueue.c:3254 [inline] process_scheduled_works+0xa00/0x1770 kernel/workqueue.c:3335 worker_thread+0x86d/0xd70 kernel/workqueue.c:3416 kthread+0x2f0/0x390 kernel/kthread.c:388 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:243 \"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/028a68886ead0764f4b26adfcaebf9f1955e76ea\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/4a31c018bfe4de84c0741aadd2c913a2490b186d\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/4d94f05558271654670d18c26c912da0c1c15549\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/bef333418368c58690b501894324c09124e4614f\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
  }
}

wid-sec-w-2025-0105

Vulnerability from csaf_certbund

Published

2025-01-15 23:00

Modified

2025-01-15 23:00

Summary

Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Der Kernel stellt den Kern des Linux Betriebssystems dar.

Angriff

Ein lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuführen.

Betroffene Betriebssysteme

- Linux

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-0105 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0105.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-0105 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0105"
      },
      {
        "category": "external",
        "summary": "Kernel CVE Announce Mailingliste",
        "url": "https://lore.kernel.org/linux-cve-announce/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-36476",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011531-CVE-2024-36476-b2a1@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-39282",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011532-CVE-2024-39282-491b@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-53681",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011532-CVE-2024-53681-e199@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-54031",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011532-CVE-2024-54031-f640@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57795",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011533-CVE-2024-57795-e560@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57801",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011533-CVE-2024-57801-6479@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57802",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011533-CVE-2024-57802-c728@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57841",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011534-CVE-2024-57841-751f@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57844",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011534-CVE-2024-57844-a3cd@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57857",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011534-CVE-2024-57857-29db@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57882",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011507-CVE-2024-57882-8f05@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57883",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011510-CVE-2024-57883-b603@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57884",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011510-CVE-2024-57884-4cf8@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57885",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011510-CVE-2024-57885-ea46@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57886",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011511-CVE-2024-57886-9059@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57887",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011511-CVE-2024-57887-db31@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57888",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011511-CVE-2024-57888-0b38@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57889",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011512-CVE-2024-57889-a2a5@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57890",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011512-CVE-2024-57890-aaf3@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57891",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011512-CVE-2024-57891-06ef@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57892",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011513-CVE-2024-57892-6d53@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57893",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011513-CVE-2024-57893-b263@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57894",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011513-CVE-2024-57894-fbfe@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57895",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011514-CVE-2024-57895-9034@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57896",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011514-CVE-2024-57896-af67@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57897",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011514-CVE-2024-57897-de29@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57898",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011515-CVE-2024-57898-bfde@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57899",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011515-CVE-2024-57899-0b1c@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57900",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011515-CVE-2024-57900-72ad@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57901",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011516-CVE-2024-57901-1f9e@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57902",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011516-CVE-2024-57902-7ddb@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2024-57903",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011517-CVE-2024-57903-fd2a@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-21629",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011517-CVE-2025-21629-e230@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-21630",
        "url": "https://lore.kernel.org/linux-cve-announce/2025011517-CVE-2025-21630-7665@gregkh/"
      }
    ],
    "source_lang": "en-US",
    "title": "Linux Kernel: Mehrere Schwachstellen erm\u00f6glichen Denial of Service",
    "tracking": {
      "current_release_date": "2025-01-15T23:00:00.000+00:00",
      "generator": {
        "date": "2025-01-16T11:43:17.808+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.10"
        }
      },
      "id": "WID-SEC-W-2025-0105",
      "initial_release_date": "2025-01-15T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-01-15T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Open Source Linux Kernel",
            "product": {
              "name": "Open Source Linux Kernel",
              "product_id": "T040361",
              "product_identification_helper": {
                "cpe": "cpe:/o:linux:linux_kernel:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-36476",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040361"
        ]
      },
      "release_date": "2025-01-15T23:00:00.000+00:00",
      "title": "CVE-2024-36476"
    },
    {
      "cve": "CVE-2024-39282",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040361"
        ]
      },
      "release_date": "2025-01-15T23:00:00.000+00:00",
      "title": "CVE-2024-39282"
    },
    {
      "cve": "CVE-2024-53681",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040361"
        ]
      },
      "release_date": "2025-01-15T23:00:00.000+00:00",
      "title": "CVE-2024-53681"
    },
    {
      "cve": "CVE-2024-54031",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040361"
        ]
      },
      "release_date": "2025-01-15T23:00:00.000+00:00",
      "title": "CVE-2024-54031"
    },
    {
      "cve": "CVE-2024-57795",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040361"
        ]
      },
      "release_date": "2025-01-15T23:00:00.000+00:00",
      "title": "CVE-2024-57795"
    },
    {
      "cve": "CVE-2024-57801",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040361"
        ]
      },
      "release_date": "2025-01-15T23:00:00.000+00:00",
      "title": "CVE-2024-57801"
    },
    {
      "cve": "CVE-2024-57802",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040361"
        ]
      },
      "release_date": "2025-01-15T23:00:00.000+00:00",
      "title": "CVE-2024-57802"
    },
    {
      "cve": "CVE-2024-57841",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040361"
        ]
      },
      "release_date": "2025-01-15T23:00:00.000+00:00",
      "title": "CVE-2024-57841"
    },
    {
      "cve": "CVE-2024-57844",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040361"
        ]
      },
      "release_date": "2025-01-15T23:00:00.000+00:00",
      "title": "CVE-2024-57844"
    },
    {
      "cve": "CVE-2024-57857",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040361"
        ]
      },
      "release_date": "2025-01-15T23:00:00.000+00:00",
      "title": "CVE-2024-57857"
    },
    {
      "cve": "CVE-2024-57882",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040361"
        ]
      },
      "release_date": "2025-01-15T23:00:00.000+00:00",
      "title": "CVE-2024-57882"
    },
    {
      "cve": "CVE-2024-57883",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040361"
        ]
      },
      "release_date": "2025-01-15T23:00:00.000+00:00",
      "title": "CVE-2024-57883"
    },
    {
      "cve": "CVE-2024-57884",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040361"
        ]
      },
      "release_date": "2025-01-15T23:00:00.000+00:00",
      "title": "CVE-2024-57884"
    },
    {
      "cve": "CVE-2024-57885",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040361"
        ]
      },
      "release_date": "2025-01-15T23:00:00.000+00:00",
      "title": "CVE-2024-57885"
    },
    {
      "cve": "CVE-2024-57886",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040361"
        ]
      },
      "release_date": "2025-01-15T23:00:00.000+00:00",
      "title": "CVE-2024-57886"
    },
    {
      "cve": "CVE-2024-57887",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040361"
        ]
      },
      "release_date": "2025-01-15T23:00:00.000+00:00",
      "title": "CVE-2024-57887"
    },
    {
      "cve": "CVE-2024-57888",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040361"
        ]
      },
      "release_date": "2025-01-15T23:00:00.000+00:00",
      "title": "CVE-2024-57888"
    },
    {
      "cve": "CVE-2024-57889",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040361"
        ]
      },
      "release_date": "2025-01-15T23:00:00.000+00:00",
      "title": "CVE-2024-57889"
    },
    {
      "cve": "CVE-2024-57890",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040361"
        ]
      },
      "release_date": "2025-01-15T23:00:00.000+00:00",
      "title": "CVE-2024-57890"
    },
    {
      "cve": "CVE-2024-57891",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040361"
        ]
      },
      "release_date": "2025-01-15T23:00:00.000+00:00",
      "title": "CVE-2024-57891"
    },
    {
      "cve": "CVE-2024-57892",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040361"
        ]
      },
      "release_date": "2025-01-15T23:00:00.000+00:00",
      "title": "CVE-2024-57892"
    },
    {
      "cve": "CVE-2024-57893",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040361"
        ]
      },
      "release_date": "2025-01-15T23:00:00.000+00:00",
      "title": "CVE-2024-57893"
    },
    {
      "cve": "CVE-2024-57894",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040361"
        ]
      },
      "release_date": "2025-01-15T23:00:00.000+00:00",
      "title": "CVE-2024-57894"
    },
    {
      "cve": "CVE-2024-57895",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040361"
        ]
      },
      "release_date": "2025-01-15T23:00:00.000+00:00",
      "title": "CVE-2024-57895"
    },
    {
      "cve": "CVE-2024-57896",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040361"
        ]
      },
      "release_date": "2025-01-15T23:00:00.000+00:00",
      "title": "CVE-2024-57896"
    },
    {
      "cve": "CVE-2024-57897",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040361"
        ]
      },
      "release_date": "2025-01-15T23:00:00.000+00:00",
      "title": "CVE-2024-57897"
    },
    {
      "cve": "CVE-2024-57898",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040361"
        ]
      },
      "release_date": "2025-01-15T23:00:00.000+00:00",
      "title": "CVE-2024-57898"
    },
    {
      "cve": "CVE-2024-57899",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040361"
        ]
      },
      "release_date": "2025-01-15T23:00:00.000+00:00",
      "title": "CVE-2024-57899"
    },
    {
      "cve": "CVE-2024-57900",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040361"
        ]
      },
      "release_date": "2025-01-15T23:00:00.000+00:00",
      "title": "CVE-2024-57900"
    },
    {
      "cve": "CVE-2024-57901",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040361"
        ]
      },
      "release_date": "2025-01-15T23:00:00.000+00:00",
      "title": "CVE-2024-57901"
    },
    {
      "cve": "CVE-2024-57902",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040361"
        ]
      },
      "release_date": "2025-01-15T23:00:00.000+00:00",
      "title": "CVE-2024-57902"
    },
    {
      "cve": "CVE-2024-57903",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040361"
        ]
      },
      "release_date": "2025-01-15T23:00:00.000+00:00",
      "title": "CVE-2024-57903"
    },
    {
      "cve": "CVE-2025-21629",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040361"
        ]
      },
      "release_date": "2025-01-15T23:00:00.000+00:00",
      "title": "CVE-2025-21629"
    },
    {
      "cve": "CVE-2025-21630",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux-Kernel bestehen mehrere Schwachstellen aufgrund verschiedener Fehler in der Speicherverwaltung (use after free, null pointer, etc.). Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und m\u00f6glicherweise andere, nicht spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040361"
        ]
      },
      "release_date": "2025-01-15T23:00:00.000+00:00",
      "title": "CVE-2025-21630"
    }
  ]
}

fkie_cve-2024-57894

Vulnerability from fkie_nvd

Published

2025-01-15 13:15

Modified

2025-01-15 13:15

Severity ?

Summary

References

▼	URL	Tags
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/028a68886ead0764f4b26adfcaebf9f1955e76ea
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/4a31c018bfe4de84c0741aadd2c913a2490b186d
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/4d94f05558271654670d18c26c912da0c1c15549
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/bef333418368c58690b501894324c09124e4614f

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_core: Fix sleeping function called from invalid context\n\nThis reworks hci_cb_list to not use mutex hci_cb_list_lock to avoid bugs\nlike the bellow:\n\nBUG: sleeping function called from invalid context at kernel/locking/mutex.c:585\nin_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 5070, name: kworker/u9:2\npreempt_count: 0, expected: 0\nRCU nest depth: 1, expected: 0\n4 locks held by kworker/u9:2/5070:\n #0: ffff888015be3948 ((wq_completion)hci0#2){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3229 [inline]\n #0: ffff888015be3948 ((wq_completion)hci0#2){+.+.}-{0:0}, at: process_scheduled_works+0x8e0/0x1770 kernel/workqueue.c:3335\n #1: ffffc90003b6fd00 ((work_completion)(\u0026hdev-\u003erx_work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3230 [inline]\n #1: ffffc90003b6fd00 ((work_completion)(\u0026hdev-\u003erx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x91b/0x1770 kernel/workqueue.c:3335\n #2: ffff8880665d0078 (\u0026hdev-\u003elock){+.+.}-{3:3}, at: hci_le_create_big_complete_evt+0xcf/0xae0 net/bluetooth/hci_event.c:6914\n #3: ffffffff8e132020 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:298 [inline]\n #3: ffffffff8e132020 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:750 [inline]\n #3: ffffffff8e132020 (rcu_read_lock){....}-{1:2}, at: hci_le_create_big_complete_evt+0xdb/0xae0 net/bluetooth/hci_event.c:6915\nCPU: 0 PID: 5070 Comm: kworker/u9:2 Not tainted 6.8.0-syzkaller-08073-g480e035fc4c7 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024\nWorkqueue: hci0 hci_rx_work\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114\n __might_resched+0x5d4/0x780 kernel/sched/core.c:10187\n __mutex_lock_common kernel/locking/mutex.c:585 [inline]\n __mutex_lock+0xc1/0xd70 kernel/locking/mutex.c:752\n hci_connect_cfm include/net/bluetooth/hci_core.h:2004 [inline]\n hci_le_create_big_complete_evt+0x3d9/0xae0 net/bluetooth/hci_event.c:6939\n hci_event_func net/bluetooth/hci_event.c:7514 [inline]\n hci_event_packet+0xa53/0x1540 net/bluetooth/hci_event.c:7569\n hci_rx_work+0x3e8/0xca0 net/bluetooth/hci_core.c:4171\n process_one_work kernel/workqueue.c:3254 [inline]\n process_scheduled_works+0xa00/0x1770 kernel/workqueue.c:3335\n worker_thread+0x86d/0xd70 kernel/workqueue.c:3416\n kthread+0x2f0/0x390 kernel/kthread.c:388\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:243\n \u003c/TASK\u003e"
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: Bluetooth: hci_core: Se corrige la funci\u00f3n inactiva llamada desde un contexto no v\u00e1lido. Esto modifica hci_cb_list para que no use mutex hci_cb_list_lock para evitar errores como el siguiente: ERROR: funci\u00f3n inactiva llamada desde un contexto no v\u00e1lido en kernel/locking/mutex.c:585 in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 5070, name: kworker/u9:2 preempt_count: 0, expected: 0 RCU nest depth: 1, expected: 0 4 locks held by kworker/u9:2/5070: #0: ffff888015be3948 ((wq_completion)hci0#2){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3229 [inline] #0: ffff888015be3948 ((wq_completion)hci0#2){+.+.}-{0:0}, at: process_scheduled_works+0x8e0/0x1770 kernel/workqueue.c:3335 #1: ffffc90003b6fd00 ((work_completion)(\u0026amp;hdev-\u0026gt;rx_work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3230 [inline] #1: ffffc90003b6fd00 ((work_completion)(\u0026amp;hdev-\u0026gt;rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x91b/0x1770 kernel/workqueue.c:3335 #2: ffff8880665d0078 (\u0026amp;hdev-\u0026gt;lock){+.+.}-{3:3}, at: hci_le_create_big_complete_evt+0xcf/0xae0 net/bluetooth/hci_event.c:6914 #3: ffffffff8e132020 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:298 [inline] #3: ffffffff8e132020 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:750 [inline] #3: ffffffff8e132020 (rcu_read_lock){....}-{1:2}, at: hci_le_create_big_complete_evt+0xdb/0xae0 net/bluetooth/hci_event.c:6915 CPU: 0 PID: 5070 Comm: kworker/u9:2 Not tainted 6.8.0-syzkaller-08073-g480e035fc4c7 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 Workqueue: hci0 hci_rx_work Call Trace:  __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114 __might_resched+0x5d4/0x780 kernel/sched/core.c:10187 __mutex_lock_common kernel/locking/mutex.c:585 [inline] __mutex_lock+0xc1/0xd70 kernel/locking/mutex.c:752 hci_connect_cfm include/net/bluetooth/hci_core.h:2004 [inline] hci_le_create_big_complete_evt+0x3d9/0xae0 net/bluetooth/hci_event.c:6939 hci_event_func net/bluetooth/hci_event.c:7514 [inline] hci_event_packet+0xa53/0x1540 net/bluetooth/hci_event.c:7569 hci_rx_work+0x3e8/0xca0 net/bluetooth/hci_core.c:4171 process_one_work kernel/workqueue.c:3254 [inline] process_scheduled_works+0xa00/0x1770 kernel/workqueue.c:3335 worker_thread+0x86d/0xd70 kernel/workqueue.c:3416 kthread+0x2f0/0x390 kernel/kthread.c:388 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:243 "
    }
  ],
  "id": "CVE-2024-57894",
  "lastModified": "2025-01-15T13:15:13.943",
  "metrics": {},
  "published": "2025-01-15T13:15:13.943",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/028a68886ead0764f4b26adfcaebf9f1955e76ea"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/4a31c018bfe4de84c0741aadd2c913a2490b186d"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/4d94f05558271654670d18c26c912da0c1c15549"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/bef333418368c58690b501894324c09124e4614f"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Awaiting Analysis"
}

ghsa-9xjq-2vrw-4465

Vulnerability from github

Published

2025-01-15 15:31

Modified

2025-01-15 15:31

Details

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: hci_core: Fix sleeping function called from invalid context

This reworks hci_cb_list to not use mutex hci_cb_list_lock to avoid bugs like the bellow:

BUG: sleeping function called from invalid context at kernel/locking/mutex.c:585 in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 5070, name: kworker/u9:2 preempt_count: 0, expected: 0 RCU nest depth: 1, expected: 0 4 locks held by kworker/u9:2/5070: #0: ffff888015be3948 ((wq_completion)hci0#2){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3229 [inline] #0: ffff888015be3948 ((wq_completion)hci0#2){+.+.}-{0:0}, at: process_scheduled_works+0x8e0/0x1770 kernel/workqueue.c:3335 #1: ffffc90003b6fd00 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3230 [inline] #1: ffffc90003b6fd00 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x91b/0x1770 kernel/workqueue.c:3335 #2: ffff8880665d0078 (&hdev->lock){+.+.}-{3:3}, at: hci_le_create_big_complete_evt+0xcf/0xae0 net/bluetooth/hci_event.c:6914 #3: ffffffff8e132020 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:298 [inline] #3: ffffffff8e132020 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:750 [inline] #3: ffffffff8e132020 (rcu_read_lock){....}-{1:2}, at: hci_le_create_big_complete_evt+0xdb/0xae0 net/bluetooth/hci_event.c:6915 CPU: 0 PID: 5070 Comm: kworker/u9:2 Not tainted 6.8.0-syzkaller-08073-g480e035fc4c7 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 Workqueue: hci0 hci_rx_work Call Trace: __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114 __might_resched+0x5d4/0x780 kernel/sched/core.c:10187 __mutex_lock_common kernel/locking/mutex.c:585 [inline] __mutex_lock+0xc1/0xd70 kernel/locking/mutex.c:752 hci_connect_cfm include/net/bluetooth/hci_core.h:2004 [inline] hci_le_create_big_complete_evt+0x3d9/0xae0 net/bluetooth/hci_event.c:6939 hci_event_func net/bluetooth/hci_event.c:7514 [inline] hci_event_packet+0xa53/0x1540 net/bluetooth/hci_event.c:7569 hci_rx_work+0x3e8/0xca0 net/bluetooth/hci_core.c:4171 process_one_work kernel/workqueue.c:3254 [inline] process_scheduled_works+0xa00/0x1770 kernel/workqueue.c:3335 worker_thread+0x86d/0xd70 kernel/workqueue.c:3416 kthread+0x2f0/0x390 kernel/kthread.c:388 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:243

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-57894"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-01-15T13:15:13Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_core: Fix sleeping function called from invalid context\n\nThis reworks hci_cb_list to not use mutex hci_cb_list_lock to avoid bugs\nlike the bellow:\n\nBUG: sleeping function called from invalid context at kernel/locking/mutex.c:585\nin_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 5070, name: kworker/u9:2\npreempt_count: 0, expected: 0\nRCU nest depth: 1, expected: 0\n4 locks held by kworker/u9:2/5070:\n #0: ffff888015be3948 ((wq_completion)hci0#2){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3229 [inline]\n #0: ffff888015be3948 ((wq_completion)hci0#2){+.+.}-{0:0}, at: process_scheduled_works+0x8e0/0x1770 kernel/workqueue.c:3335\n #1: ffffc90003b6fd00 ((work_completion)(\u0026hdev-\u003erx_work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3230 [inline]\n #1: ffffc90003b6fd00 ((work_completion)(\u0026hdev-\u003erx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x91b/0x1770 kernel/workqueue.c:3335\n #2: ffff8880665d0078 (\u0026hdev-\u003elock){+.+.}-{3:3}, at: hci_le_create_big_complete_evt+0xcf/0xae0 net/bluetooth/hci_event.c:6914\n #3: ffffffff8e132020 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:298 [inline]\n #3: ffffffff8e132020 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:750 [inline]\n #3: ffffffff8e132020 (rcu_read_lock){....}-{1:2}, at: hci_le_create_big_complete_evt+0xdb/0xae0 net/bluetooth/hci_event.c:6915\nCPU: 0 PID: 5070 Comm: kworker/u9:2 Not tainted 6.8.0-syzkaller-08073-g480e035fc4c7 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024\nWorkqueue: hci0 hci_rx_work\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114\n __might_resched+0x5d4/0x780 kernel/sched/core.c:10187\n __mutex_lock_common kernel/locking/mutex.c:585 [inline]\n __mutex_lock+0xc1/0xd70 kernel/locking/mutex.c:752\n hci_connect_cfm include/net/bluetooth/hci_core.h:2004 [inline]\n hci_le_create_big_complete_evt+0x3d9/0xae0 net/bluetooth/hci_event.c:6939\n hci_event_func net/bluetooth/hci_event.c:7514 [inline]\n hci_event_packet+0xa53/0x1540 net/bluetooth/hci_event.c:7569\n hci_rx_work+0x3e8/0xca0 net/bluetooth/hci_core.c:4171\n process_one_work kernel/workqueue.c:3254 [inline]\n process_scheduled_works+0xa00/0x1770 kernel/workqueue.c:3335\n worker_thread+0x86d/0xd70 kernel/workqueue.c:3416\n kthread+0x2f0/0x390 kernel/kthread.c:388\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:243\n \u003c/TASK\u003e",
  "id": "GHSA-9xjq-2vrw-4465",
  "modified": "2025-01-15T15:31:25Z",
  "published": "2025-01-15T15:31:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-57894"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/028a68886ead0764f4b26adfcaebf9f1955e76ea"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4a31c018bfe4de84c0741aadd2c913a2490b186d"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4d94f05558271654670d18c26c912da0c1c15549"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/bef333418368c58690b501894324c09124e4614f"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2024-57894

Vulnerability from cvelistv5

wid-sec-w-2025-0105

Vulnerability from csaf_certbund

fkie_cve-2024-57894

Vulnerability from fkie_nvd

ghsa-9xjq-2vrw-4465

Vulnerability from github

Tags

Sightings

Nomenclature