Vulnerability Details CVE-2024-47756
In the Linux kernel, the following vulnerability has been resolved:
PCI: keystone: Fix if-statement expression in ks_pcie_quirk()
This code accidentally uses && where || was intended. It potentially
results in a NULL dereference.
Thus, fix the if-statement expression to use the correct condition.
[kwilczynski: commit log]
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 13.9%
CVSS Severity
CVSS v3 Score 5.5
References
- https://git.kernel.org/stable/c/2171c5cb2fbc3e03af7e8116cd58736c09328655
- https://git.kernel.org/stable/c/23838bef2adb714ec37b2d6141dccf4a3a70bdef
- https://git.kernel.org/stable/c/6188a1c762eb9bbd444f47696eda77a5eae6207a
- https://git.kernel.org/stable/c/72210e52e19a27f615e0b5273d2bf012d0dc318d
- https://git.kernel.org/stable/c/9c9afc3e75069fcfb067727973242cfbf00dd7eb
- https://git.kernel.org/stable/c/c289903b7a216df5ea6e1850ddf1b958eea9921d
- https://git.kernel.org/stable/c/dc5aeba07395c8dfa29bb878c8ce4d5180427221
- https://git.kernel.org/stable/c/e85ab507882db165c10a858d7f685a0a38f0312e
Products affected by CVE-2024-47756
-
cpe:2.3:o:linux:linux_kernel:5.10.226
-
cpe:2.3:o:linux:linux_kernel:5.15.167
-
cpe:2.3:o:linux:linux_kernel:5.4.284
-
cpe:2.3:o:linux:linux_kernel:5.4.285
-
cpe:2.3:o:linux:linux_kernel:5.4.286
-
cpe:2.3:o:linux:linux_kernel:5.4.287
-
cpe:2.3:o:linux:linux_kernel:5.4.288
-
cpe:2.3:o:linux:linux_kernel:5.4.289
-
cpe:2.3:o:linux:linux_kernel:5.4.290
-
cpe:2.3:o:linux:linux_kernel:5.4.291
-
cpe:2.3:o:linux:linux_kernel:5.4.292
-
cpe:2.3:o:linux:linux_kernel:5.4.297
-
cpe:2.3:o:linux:linux_kernel:6.1.110
-
cpe:2.3:o:linux:linux_kernel:6.1.111
-
cpe:2.3:o:linux:linux_kernel:6.1.112
-
cpe:2.3:o:linux:linux_kernel:6.10.10
-
cpe:2.3:o:linux:linux_kernel:6.10.11
-
cpe:2.3:o:linux:linux_kernel:6.10.12
-
cpe:2.3:o:linux:linux_kernel:6.11
-
cpe:2.3:o:linux:linux_kernel:6.11.1
-
cpe:2.3:o:linux:linux_kernel:6.6.51
-
cpe:2.3:o:linux:linux_kernel:6.6.52
-
cpe:2.3:o:linux:linux_kernel:6.6.53