CVE-2024-56569

low-risk

Published 2024-12-27

In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix regression with module command in stack_trace_filter When executing the following command: # echo "write*:mod:ext3" > /sys/kernel/tracing/stack_trace_filter The current mod command causes a null pointer dereference. While commit 0f17976568b3f ("ftrace: Fix regression with module command in stack_trace_filter") has addressed part of the issue, it left a corner case unhandled, which still results in a kernel crash.

Do I need to act?

0.01% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 5.5/10 Medium

LOCAL / LOW complexity

Affected Products (1)

Linux Kernel

Affected Vendors

Linux

References (9)

Patch https://git.kernel.org/stable/c/19cacabdd5a8487ae566cbecb4d03bcb038a067e

Patch https://git.kernel.org/stable/c/43ca32ce12888fb0eeb2d74dfc558dea60d3473e

Patch https://git.kernel.org/stable/c/45af52e7d3b8560f21d139b3759735eead8b1653

Patch https://git.kernel.org/stable/c/5dabb7af57bc72308a6e2e81a5dd756eef283803

Patch https://git.kernel.org/stable/c/7ae27880de3482e063fcc1f72d9a298d0d391407

Patch https://git.kernel.org/stable/c/885109aa0c70639527dd6a65c82e63c9ac055e3d

Patch https://git.kernel.org/stable/c/8a92dc4df89c50bdb26667419ea70e0abbce456e

https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html

https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html

/ 100

low-risk

Severity 18/34 · Moderate

Exploitability 0/34 · Minimal

Exposure 5/34 · Minimal