CVE-2024-53226
Severity CVSS v4.0:
Pending analysis
Type:
CWE-476
NULL Pointer Dereference
Publication date:
27/12/2024
Last modified:
03/11/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
RDMA/hns: Fix NULL pointer derefernce in hns_roce_map_mr_sg()<br />
<br />
ib_map_mr_sg() allows ULPs to specify NULL as the sg_offset argument.<br />
The driver needs to check whether it is a NULL pointer before<br />
dereferencing it.
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.10.224 (including) | 5.10.231 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.15.165 (including) | 5.15.174 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.1.103 (including) | 6.1.120 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.6.44 (including) | 6.6.64 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.10.3 (including) | 6.11.11 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.12 (including) | 6.12.2 (excluding) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/35f5b68f63aac61d30ce0b0c6beb09b8845a3e65
- https://git.kernel.org/stable/c/52617e76f4963644db71dc0a17e998654dc0c7f4
- https://git.kernel.org/stable/c/6b0d7d6e6883d0ec70cd7b5a02c47c003d5defe7
- https://git.kernel.org/stable/c/6b526d17eed850352d880b93b9bf20b93006bd92
- https://git.kernel.org/stable/c/71becb0e9df78a8d43dfd0efcef18c830a0af477
- https://git.kernel.org/stable/c/8c269bb2cc666ca580271e1a8136c63ac9162e1e
- https://git.kernel.org/stable/c/bd715e191d444992d6ed124f15856da5c1cae2de
- https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html
- https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html