uio_hv_generic: Fix kernel NULL pointer dereference in hv_uio_rescind
CVE-2024-46739

5.5MEDIUM

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 18 September 2024

What is CVE-2024-46739?

In the Linux kernel, the following vulnerability has been resolved:

uio_hv_generic: Fix kernel NULL pointer dereference in hv_uio_rescind

For primary VM Bus channels, primary_channel pointer is always NULL. This pointer is valid only for the secondary channels. Also, rescind callback is meant for primary channels only.

Fix NULL pointer dereference by retrieving the device_obj from the parent for the primary channel.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux ca3cda6fcf1e922213a0cc58e708ffb999151db3 < 3d414b64ecf6fd717d7510ffb893c6f23acbf50e

Linux ca3cda6fcf1e922213a0cc58e708ffb999151db3

Linux ca3cda6fcf1e922213a0cc58e708ffb999151db3 < 1d8e020e51ab07e40f9dd00b52f1da7d96fec04c

References

https://git.kernel.org/stable/c/3d414b64ecf6fd717d7510ffb...

https://git.kernel.org/stable/c/f38f46da80a2ab7d1b2f8fcb4...

https://git.kernel.org/stable/c/1d8e020e51ab07e40f9dd00b5...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 18, 2024
Vulnerability Reserved
Sep 11, 2024

JSON

Linux

What is CVE-2024-46739?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.