Products
UNKNOWN
Linux kernel
- UNKNOWN
Source
security@openanolis.org
Tags
CVE-2024-4810 details
Published : May 14, 2024, 4:17 p.m.
Last Modified : May 14, 2024, 7:17 p.m.
Last Modified : May 14, 2024, 7:17 p.m.
Description
In register_device, the return value of ida_simple_get is unchecked, in witch ida_simple_get will use an invalid index value. To address this issue, index should be checked after ida_simple_get. When the index value is abnormal, a warning message should be printed, the port should be dropped, and the value should be recorded.
CVSS Score
1 | 2 | 3 | 4 | 5.3 | 6 | 7 | 8 | 9 | 10 |
---|
Weakness
Weakness | Name | Description |
---|
CVSS Data
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
Base Score
5.3
Exploitability Score
Impact Score
Base Severity
MEDIUM
Vector String : CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:N/A:H
References
URL | Source |
---|---|
https://bugzilla.openanolis.cn/show_bug.cgi?id=9008 | security@openanolis.org |
This website uses the NVD API, but is not approved or certified by it.