CVE-2024-35904

Updated:

Description:

In the Linux kernel, the following vulnerability has been resolved: selinux: avoid dereference of garbage after mount failure In case kern_mount() fails and returns an error pointer return in the error branch instead of continuing and dereferencing the error pointer. While on it drop the never read static variable selinuxfs_mount.

CVSS3: 5.5


Vendor State

OS Vendor version Errata
Ubuntu 20.04 5.4.0-202.222 USN-7159-1
Ubuntu 20.04 AWS 5.4.0-1136.146 USN-7159-2
Ubuntu 22.04 5.15.0-127.137 USN-7166-1
Ubuntu 22.04 AWS 5.15.0-1073.79 USN-7166-2
Ubuntu 22.04 Azure 5.15.0-1078.87 USN-7186-2
RHEL 9 5.14.0-503.11.1.el9_5 RHSA-2024:9315
Ubuntu 20.04 HWE AWS 5.15.0-1073.79~20.04.1 USN-7166-2
Ubuntu 20.04 GCP 5.4.0-1140.149 USN-7159-1
Ubuntu 24.04 6.8.0-38.38 USN-6893-1

KernelCare State

OS Original kernel version State
Ubuntu 18.04 HWE Focal
Planned
Ubuntu 20.04
Ready For Release
Ubuntu 18.04 AWS Focal
Planned
Ubuntu 18.04 Azure Focal
Planned
Ubuntu 20.04 AWS
Planned
Ubuntu 22.04
Planned
Ubuntu 22.04 AWS
Planned
Ubuntu 22.04 Azure
Planned
RHEL 9
Ready For Release
Ubuntu 20.04 HWE AWS
Planned
Ubuntu 20.04 GCP
Ready For Release
Ubuntu 24.04
Planned