CVE-2024-36015

Published: May 29, 2024Modified: Nov 4, 2025

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: ppdev: Add an error check in register_device In register_device, the return value of ida_simple_get is unchecked, in witch ida_simple_get will use an invalid index value. To address this issue, index should be checked after ida_simple_get. When the index value is abnormal, a warning message should be printed, the port should be dropped, and the value should be recorded.

Affected (15)

Products: Linux: Linux Kernel

1 product

Configuration A

15 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 4.10.7 to 4.11
Linux Linux Kernel	From 4.11.1 to 4.19.316
Linux Linux Kernel	From 4.20 to 5.4.278
Linux Linux Kernel	From 4.9.22 to 4.10
Linux Linux Kernel	From 5.11 to 5.15.161
Linux Linux Kernel	From 5.16 to 6.1.93
Linux Linux Kernel	From 5.5 to 5.10.219
Linux Linux Kernel	From 6.2 to 6.6.33
Linux Linux Kernel	From 6.7 to 6.9.4
Linux Linux Kernel	Version 4.11
Linux Linux Kernel	Version 4.11 rc4
Linux Linux Kernel	Version 4.11 rc5
Linux Linux Kernel	Version 4.11 rc6
Linux Linux Kernel	Version 4.11 rc7
Linux Linux Kernel	Version 4.11 rc8

Related CWEs

Improper Validation of Array Index

The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.

References (17)

https://git.kernel.org/stable/c/5d5b24edad1107a2ffa99058f20f6aeeafeb5d39

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/65cd017d43f4319a56747d38308b0a24cf57299e

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/b65d0410b879af0295d22438a4a32012786d152a

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/b8c6b83cc3adff3ddf403c8c7063fe6d08b2b9d9

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/d32caf51379a4d71db03d3d4d7c22d27cdf7f68b

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/df9329247dbbf00f6057e002139ab3fa529ad828

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/ec3468221efec6660ff656e9ebe51ced3520fc57

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/fbf740aeb86a4fe82ad158d26d711f2f3be79b3e

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/5d5b24edad1107a2ffa99058f20f6aeeafeb5d39

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/65cd017d43f4319a56747d38308b0a24cf57299e

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/b65d0410b879af0295d22438a4a32012786d152a

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/b8c6b83cc3adff3ddf403c8c7063fe6d08b2b9d9

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/d32caf51379a4d71db03d3d4d7c22d27cdf7f68b

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/df9329247dbbf00f6057e002139ab3fa529ad828

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/ec3468221efec6660ff656e9ebe51ced3520fc57

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/fbf740aeb86a4fe82ad158d26d711f2f3be79b3e

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.