U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

CVE-2024-35813 Detail

Description

In the Linux kernel, the following vulnerability has been resolved: mmc: core: Avoid negative index with array access Commit 4d0c8d0aef63 ("mmc: core: Use mrq.sbc in close-ended ffu") assigns prev_idata = idatas[i - 1], but doesn't check that the iterator i is greater than zero. Let's fix this by adding a check.


Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.
CVSS 4.0 Severity and Vector Strings:

NIST CVSS score
NIST: NVD
N/A
NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Hyperlink Resource
https://git.kernel.org/stable/c/064db53f9023a2d5877a2d12de6bc27995f6ca56
https://git.kernel.org/stable/c/064db53f9023a2d5877a2d12de6bc27995f6ca56
https://git.kernel.org/stable/c/2b539c88940e22494da80a93ee1c5a28bbad10f6
https://git.kernel.org/stable/c/2b539c88940e22494da80a93ee1c5a28bbad10f6
https://git.kernel.org/stable/c/4466677dcabe2d70de6aa3d4bd4a4fafa94a71f2
https://git.kernel.org/stable/c/4466677dcabe2d70de6aa3d4bd4a4fafa94a71f2
https://git.kernel.org/stable/c/7d0e8a6147550aa058fa6ade8583ad252aa61304
https://git.kernel.org/stable/c/7d0e8a6147550aa058fa6ade8583ad252aa61304
https://git.kernel.org/stable/c/81b8645feca08a54c7c4bf36e7b176f4983b2f28
https://git.kernel.org/stable/c/81b8645feca08a54c7c4bf36e7b176f4983b2f28
https://git.kernel.org/stable/c/ad9cc5e9e53ab94aa0c7ac65d43be7eb208dcb55
https://git.kernel.org/stable/c/ad9cc5e9e53ab94aa0c7ac65d43be7eb208dcb55
https://git.kernel.org/stable/c/b9a7339ae403035ffe7fc37cb034b36947910f68
https://git.kernel.org/stable/c/b9a7339ae403035ffe7fc37cb034b36947910f68
https://git.kernel.org/stable/c/cf55a7acd1ed38afe43bba1c8a0935b51d1dc014
https://git.kernel.org/stable/c/cf55a7acd1ed38afe43bba1c8a0935b51d1dc014
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html

Weakness Enumeration

CWE-ID CWE Name Source

Change History

5 change records found show changes

Quick Info

CVE Dictionary Entry:
CVE-2024-35813
NVD Published Date:
05/17/2024
NVD Last Modified:
11/21/2024
Source:
kernel.org