Use of Uninitialized Resource Affecting kernel-kdump-devel package, versions *
Threat Intelligence
EPSS
0.04% (6th
percentile)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-RHEL7-KERNELKDUMPDEVEL-8416677
- published 26 Nov 2024
- disclosed 9 Nov 2024
Introduced: 9 Nov 2024
New CVE-2024-50237 Open this link in a new tabHow to fix?
There is no fixed version for RHEL:7
kernel-kdump-devel
.
NVD Description
Note: Versions mentioned in the description apply only to the upstream kernel-kdump-devel
package and not the kernel-kdump-devel
package as distributed by RHEL
.
See How to fix?
for RHEL:7
relevant fixed versions and status.
In the Linux kernel, the following vulnerability has been resolved:
wifi: mac80211: do not pass a stopped vif to the driver in .get_txpower
Avoid potentially crashing in the driver because of uninitialized private data
References
- https://access.redhat.com/security/cve/CVE-2024-50237
- https://git.kernel.org/stable/c/393b6bc174b0dd21bb2a36c13b36e62fc3474a23
- https://git.kernel.org/stable/c/3ccf525a73d48e814634847f6d4a6150c6f0dffc
- https://git.kernel.org/stable/c/78b698fbf37208ee921ee4cedea75b5d33d6ea9f
- https://git.kernel.org/stable/c/8f6cd4d5bb7406656835a90e4f1a2192607f0c21
- https://git.kernel.org/stable/c/b0b862aa3dbcd16b3c4715259a825f48ca540088
- https://git.kernel.org/stable/c/b2bcbe5450b20641f512d6b26c6b256a5a4f847f
- https://git.kernel.org/stable/c/c21efba8b5a86537ccdf43f77536bad02f82776c
- https://git.kernel.org/stable/c/ee35c423042c9e04079fdee3db545135d609d6ea
CVSS Scores
version 3.1