CVE-2024-50284

MEDIUM · CVSS 3.1: 5.5 · EPSS 13.5%
Published Nov 19, 2024 · Last Modified Jun 17, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: Fix the missing xa_store error check

xa_store() can fail, it returns xa_err(-EINVAL) if the entry cannot be stored in an XArray, or xa_err(-ENOMEM) if memory allocation failed, so check error for xa_store() to fix it.

CVSS Details

Base Score: 5.5
Exploitability: 1.8
Impact: 3.6
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High

Threat Intelligence

EPSS Exploit Probability: 13.5% percentile
Exploit & Patch Status: No Known Exploit; Patch Available

Weaknesses 1

CWE-754

Affected Products 10

Vendor  Product       Version  Range
linux   linux_kernel  *        ≥5.15.145 – <5.16
linux   linux_kernel  *        ≥6.1.71 – <6.1.117
linux   linux_kernel  *        ≥6.3 – <6.6.61
linux   linux_kernel  *        ≥6.7 – <6.11.8
linux   linux_kernel  6.12     any
linux   linux_kernel  6.12     any
linux   linux_kernel  6.12     any
linux   linux_kernel  6.12     any
linux   linux_kernel  6.12     any
linux   linux_kernel  6.12     any

References 5

  • git.kernel.org https://git.kernel.org/stable/c/3abab905b14f4ba756d413f37f1fb02b708eee93
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/726c1568b9145fa13ee248df184b186c382a7ff8
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c2a232c4f790f4bcd4d218904c56ac7a39a448f5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d8664ce789bd46290c59a00da6897252f92c237d
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/3abab905b14f4ba756d413f37f1fb02b708eee93
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/726c1568b9145fa13ee248df184b186c382a7ff8
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c2a232c4f790f4bcd4d218904c56ac7a39a448f5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d8664ce789bd46290c59a00da6897252f92c237d
    Patch