CVE-2024-34030

low-risk

Published 2024-06-24

In the Linux kernel, the following vulnerability has been resolved: PCI: of_property: Return error for int_map allocation failure Return -ENOMEM from of_pci_prop_intr_map() if kcalloc() fails to prevent a NULL pointer dereference in this case. [bhelgaas: commit log]

Do I need to act?

0.03% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 4.7/10 Medium

LOCAL / HIGH complexity

Affected Products (1)

Linux Kernel

Affected Vendors

Linux

References (6)

Patch https://git.kernel.org/stable/c/598e4a37a2f8da9144ba1fab04320c32169b6d0d

Patch https://git.kernel.org/stable/c/b5f31d1470c4fdfae368feeb389768ba8d24fb34

Patch https://git.kernel.org/stable/c/e6f7d27df5d208b50cae817a91d128fb434bb12c

Patch https://git.kernel.org/stable/c/598e4a37a2f8da9144ba1fab04320c32169b6d0d

Patch https://git.kernel.org/stable/c/b5f31d1470c4fdfae368feeb389768ba8d24fb34

Patch https://git.kernel.org/stable/c/e6f7d27df5d208b50cae817a91d128fb434bb12c

/ 100

low-risk

Severity 12/34 · Low

Exploitability 0/34 · Minimal

Exposure 5/34 · Minimal