CVE-2024-47705

In the Linux kernel, the following vulnerability has been resolved: block: fix potential invalid pointer dereference in blk_add_partition The blk_add_partition() function initially used a single if-condition (IS_ERR(part)) to check for errors when adding a partition. This was modified to handle the specific case of -ENXIO separately, allowing the function to proceed without logging the error in this case. However, this change unintentionally left a path where md_autodetect_dev() could be called without confirming that part is a valid pointer. This commit separates the error handling logic by splitting the initial if-condition, improving code readability and handling specific error scenarios explicitly. The function now distinguishes the general error case from -ENXIO without altering the existing behavior of md_autodetect_dev() calls.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/26e197b7f9240a4ac301dd0ad520c0c697c2ea7d	Patch
https://git.kernel.org/stable/c/4bc4272e2506941c3f3d4fb8b0c659ee814dcf6f	Patch
https://git.kernel.org/stable/c/64cf2a39202ca2d9df5ee70eb310b6141ce2b8ed	Patch
https://git.kernel.org/stable/c/652039ba477c9a4ab43740cf2cb0d068d53508c2	Patch
https://git.kernel.org/stable/c/80f5bfbb80ea1615290dbc24f49d3d8c86db58fe	Patch
https://git.kernel.org/stable/c/afe53ea9b378c376101d99d216f13b6256f75189	Patch
https://git.kernel.org/stable/c/cc4d21d9492db4e534d3e01253cf885c90dd2a8b	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

History

No history.

Information

Published : 2024-10-21 12:15

Updated : 2024-10-24 13:35

NVD link : CVE-2024-47705

Mitre link : CVE-2024-47705

CVE.ORG link : CVE-2024-47705

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-476

NULL Pointer Dereference

{"id": "CVE-2024-47705", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2024-10-21T12:15:07.020", "references": [{"url": "https://git.kernel.org/stable/c/26e197b7f9240a4ac301dd0ad520c0c697c2ea7d", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/4bc4272e2506941c3f3d4fb8b0c659ee814dcf6f", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/64cf2a39202ca2d9df5ee70eb310b6141ce2b8ed", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/652039ba477c9a4ab43740cf2cb0d068d53508c2", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/80f5bfbb80ea1615290dbc24f49d3d8c86db58fe", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/afe53ea9b378c376101d99d216f13b6256f75189", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/cc4d21d9492db4e534d3e01253cf885c90dd2a8b", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-476"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: fix potential invalid pointer dereference in blk_add_partition\n\nThe blk_add_partition() function initially used a single if-condition\n(IS_ERR(part)) to check for errors when adding a partition. This was\nmodified to handle the specific case of -ENXIO separately, allowing the\nfunction to proceed without logging the error in this case. However,\nthis change unintentionally left a path where md_autodetect_dev()\ncould be called without confirming that part is a valid pointer.\n\nThis commit separates the error handling logic by splitting the\ninitial if-condition, improving code readability and handling specific\nerror scenarios explicitly. The function now distinguishes the general\nerror case from -ENXIO without altering the existing behavior of\nmd_autodetect_dev() calls."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: block: fix potential no valid pointer dereference in blk_add_partition La funci\u00f3n blk_add_partition() inicialmente usaba una sola condici\u00f3n if (IS_ERR(part)) para verificar errores al agregar una partici\u00f3n. Esto se modific\u00f3 para manejar el caso espec\u00edfico de -ENXIO por separado, lo que permite que la funci\u00f3n contin\u00fae sin registrar el error en este caso. Sin embargo, este cambio dej\u00f3 involuntariamente una ruta donde se pod\u00eda llamar a md_autodetect_dev() sin confirmar que part es un puntero v\u00e1lido. Esta confirmaci\u00f3n separa la l\u00f3gica de manejo de errores al dividir la condici\u00f3n if inicial, lo que mejora la legibilidad del c\u00f3digo y maneja escenarios de error espec\u00edficos de manera expl\u00edcita. La funci\u00f3n ahora distingue el caso de error general de -ENXIO sin alterar el comportamiento existente de las llamadas a md_autodetect_dev()."}], "lastModified": "2024-10-24T13:35:51.807", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "795A3EE6-0CAB-4409-A903-151C94ACECC0", "versionEndExcluding": "5.10.227", "versionStartIncluding": "5.5"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4D51C05D-455B-4D8D-89E7-A58E140B864C", "versionEndExcluding": "5.15.168", "versionStartIncluding": "5.11"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D01BD22E-ACD1-4618-9D01-6116570BE1EE", "versionEndExcluding": "6.1.113", "versionStartIncluding": "5.16"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D448821D-C085-4CAF-88FA-2DDE7BE21976", "versionEndExcluding": "6.6.54", "versionStartIncluding": "6.2"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CE94BB8D-B0AB-4563-9ED7-A12122B56EBE", "versionEndExcluding": "6.10.13", "versionStartIncluding": "6.7"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AB755D26-97F4-43B6-8604-CD076811E181", "versionEndExcluding": "6.11.2", "versionStartIncluding": "6.11"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}