CVE-2024-53226

MEDIUM EPSS 14.5%
Published Dec 27, 20241y ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Dec 27, 2024 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix NULL pointer derefernce in hns_roce_map_mr_sg() ib_map_mr_sg() allows ULPs to specify NULL as the sg_offset argument. The driver needs to check whether it is a NULL pointer before dereferencing it.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
14.5% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-476 NULL Pointer Dereference Memory Safety

Affected Products 6

VendorProductVersionRange
linuxlinux_kernel*≥5.10.224  –  <5.10.231
linuxlinux_kernel*≥5.15.165  –  <5.15.174
linuxlinux_kernel*≥6.1.103  –  <6.1.120
linuxlinux_kernel*≥6.6.44  –  <6.6.64
linuxlinux_kernel*≥6.10.3  –  <6.11.11
linuxlinux_kernel*≥6.12  –  <6.12.2

References 9

  • git.kernel.org https://git.kernel.org/stable/c/35f5b68f63aac61d30ce0b0c6beb09b8845a3e65
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/52617e76f4963644db71dc0a17e998654dc0c7f4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6b0d7d6e6883d0ec70cd7b5a02c47c003d5defe7
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6b526d17eed850352d880b93b9bf20b93006bd92
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/71becb0e9df78a8d43dfd0efcef18c830a0af477
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8c269bb2cc666ca580271e1a8136c63ac9162e1e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/bd715e191d444992d6ed124f15856da5c1cae2de
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/35f5b68f63aac61d30ce0b0c6beb09b8845a3e65
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/52617e76f4963644db71dc0a17e998654dc0c7f4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6b0d7d6e6883d0ec70cd7b5a02c47c003d5defe7
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6b526d17eed850352d880b93b9bf20b93006bd92
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/71becb0e9df78a8d43dfd0efcef18c830a0af477
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8c269bb2cc666ca580271e1a8136c63ac9162e1e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/bd715e191d444992d6ed124f15856da5c1cae2de
    Patch