Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: tracing/probes: fix error check in parse_btf_field() btf_find_struct_member() might return NULL or an error via the ERR_PTR() macro. However, its caller in parse_btf_field() only checks for the NULL condition. Fix this by using IS_ERR() and returning the error up the stack.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | < 6.6 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/4ed468edfeb54c7202e559eba74c25fac6a0dad0Mailing ListPatch
- https://git.kernel.org/stable/c/ad4b202da2c498fefb69e5d87f67b946e7fe1e6aMailing ListPatch
- https://git.kernel.org/stable/c/e569eb34970281438e2b48a3ef11c87459fcfbcbMailing ListPatch
- https://git.kernel.org/stable/c/4ed468edfeb54c7202e559eba74c25fac6a0dad0Mailing ListPatch
- https://git.kernel.org/stable/c/ad4b202da2c498fefb69e5d87f67b946e7fe1e6aMailing ListPatch
- https://git.kernel.org/stable/c/e569eb34970281438e2b48a3ef11c87459fcfbcbMailing ListPatch
FAQ
What is CVE-2024-36481?
CVE-2024-36481 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: tracing/probes: fix error check in parse_btf_field() btf_find_struct_member() might return NULL or an error via the ERR_PTR() macr...
How severe is CVE-2024-36481?
CVE-2024-36481 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-36481?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.