Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: rtla/osnoise: Prevent NULL dereference in error handling If the "tool->data" allocation fails then there is no need to call osnoise_free_top() and, in fact, doing so will lead to a NULL dereference.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 5.17, < 6.1.107 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/753f1745146e03abd17eec8eee95faffc96d743dPatch
- https://git.kernel.org/stable/c/90574d2a675947858b47008df8d07f75ea50d0d0Patch
- https://git.kernel.org/stable/c/abdb9ddaaab476e62805e36cce7b4ef8413ffd01Patch
- https://git.kernel.org/stable/c/fc575212c6b75d538e1a0a74f4c7e2ac73bc46acPatch
- https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
FAQ
What is CVE-2024-45002?
CVE-2024-45002 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: rtla/osnoise: Prevent NULL dereference in error handling If the "tool->data" allocation fails then there is no need to call osnois...
How severe is CVE-2024-45002?
CVE-2024-45002 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-45002?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.