CVE-2024-39505 Affecting dlm-kmp-default package, versions <6.4.0-150600.23.22.1
Threat Intelligence
EPSS
0.04% (12th
percentile)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-SLES156-DLMKMPDEFAULT-8074938
- published 24 Sep 2024
- disclosed 23 Sep 2024
Introduced: 23 Sep 2024
CVE-2024-39505 Open this link in a new tabHow to fix?
Upgrade SLES:15.6 dlm-kmp-default to version 6.4.0-150600.23.22.1 or higher.
NVD Description
Note: Versions mentioned in the description apply only to the upstream dlm-kmp-default package and not the dlm-kmp-default package as distributed by SLES.
See How to fix? for SLES:15.6 relevant fixed versions and status.
In the Linux kernel, the following vulnerability has been resolved:
drm/komeda: check for error-valued pointer
komeda_pipeline_get_state() may return an error-valued pointer, thus check the pointer for negative or null value before dereferencing.
References
- https://www.suse.com/security/cve/CVE-2024-39505.html
- https://bugzilla.suse.com/1227728
- https://git.kernel.org/stable/c/0674ed1e58e2fdcc155e7d944f8aad007a94ac69
- https://git.kernel.org/stable/c/3b1cf943b029c147bfacfd53dc28ffa632c0a622
- https://git.kernel.org/stable/c/86042e3d16b7e0686db835c9e7af0f9044dd3a56
- https://git.kernel.org/stable/c/9460961d82134ceda7377b77a3e3e3531b625dfe
- https://git.kernel.org/stable/c/99392c98b9be0523fe76944b2264b1847512ad23
- https://git.kernel.org/stable/c/b880018edd3a577e50366338194dee9b899947e0
- https://git.kernel.org/stable/c/bda7cdaeebf57e46c1a488ae7a15f6f264691f59
CVSS Scores
version 3.1