Description

In the Linux kernel, the following vulnerability has been resolved: selinux: avoid dereference of garbage after mount failure In case kern_mount() fails and returns an error pointer return in the error branch instead of continuing and dereferencing the error pointer. While on it drop the never read static variable selinuxfs_mount.

INFO

Published Date :

2024-05-19T08:34:57.351Z

Last Modified :

2025-05-04T09:08:04.160Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-35904 vulnerability.

Vendors Products
Linux
  • Linux Kernel
Redhat
  • Enterprise Linux
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-35904.

URL Resource
http://www.openwall.com/lists/oss-security/2024/05/30/1 cve-icon
http://www.openwall.com/lists/oss-security/2024/05/30/2 cve-icon
https://git.kernel.org/stable/c/37801a36b4d68892ce807264f784d818f8d0d39b cve-icon cve-icon
https://git.kernel.org/stable/c/477ed6789eb9f3f4d3568bb977f90c863c12724e cve-icon cve-icon
https://git.kernel.org/stable/c/68784a5d01b8868ff85a7926676b6729715fff3c cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2024051953-CVE-2024-35904-7f85@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-35904 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-35904 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact