CVE-2024-42099

In the Linux kernel, the following vulnerability has been resolved: s390/dasd: Fix invalid dereferencing of indirect CCW data pointer Fix invalid dereferencing of indirect CCW data pointer in dasd_eckd_dump_sense() that leads to a kernel panic in error cases. When using indirect addressing for DASD CCWs (IDAW) the CCW CDA pointer does not contain the data address itself but a pointer to the IDAL. This needs to be translated from physical to virtual as well before using it. This dereferencing is also used for dasd_page_cache and also fixed although it is very unlikely that this code path ever gets used.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/b3a58f3b90f564f42a5c35778d8c5107b2c2150b	Patch
https://git.kernel.org/stable/c/c116475f7d6410b1e6d399207ac75de6cf9c3652	Patch
https://git.kernel.org/stable/c/b3a58f3b90f564f42a5c35778d8c5107b2c2150b	Patch
https://git.kernel.org/stable/c/c116475f7d6410b1e6d399207ac75de6cf9c3652	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.10:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.10:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.10:rc3::::::
	cpe:2.3:o:linux:linux_kernel:6.10:rc4::::::
	cpe:2.3:o:linux:linux_kernel:6.10:rc5::::::
	cpe:2.3:o:linux:linux_kernel:6.10:rc6::::::

History

No history.

Information

Published : 2024-07-30 08:15

Updated : 2025-09-25 20:13

NVD link : CVE-2024-42099

Mitre link : CVE-2024-42099

CVE.ORG link : CVE-2024-42099

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-476

NULL Pointer Dereference

{"id": "CVE-2024-42099", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2024-07-30T08:15:02.503", "references": [{"url": "https://git.kernel.org/stable/c/b3a58f3b90f564f42a5c35778d8c5107b2c2150b", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/c116475f7d6410b1e6d399207ac75de6cf9c3652", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/b3a58f3b90f564f42a5c35778d8c5107b2c2150b", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/c116475f7d6410b1e6d399207ac75de6cf9c3652", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-476"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/dasd: Fix invalid dereferencing of indirect CCW data pointer\n\nFix invalid dereferencing of indirect CCW data pointer in\ndasd_eckd_dump_sense() that leads to a kernel panic in error cases.\n\nWhen using indirect addressing for DASD CCWs (IDAW) the CCW CDA pointer\ndoes not contain the data address itself but a pointer to the IDAL.\nThis needs to be translated from physical to virtual as well before\nusing it.\n\nThis dereferencing is also used for dasd_page_cache and also fixed\nalthough it is very unlikely that this code path ever gets used."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: s390/dasd: corrige la desreferenciaci\u00f3n no v\u00e1lida del puntero de datos CCW indirecto. Se corrige la desreferenciaci\u00f3n no v\u00e1lida del puntero de datos CCW indirecto en dasd_eckd_dump_sense() que genera p\u00e1nico en el kernel en casos de error. Cuando se utiliza direccionamiento indirecto para DASD CCW (IDAW), el puntero CCW CDA no contiene la direcci\u00f3n de datos en s\u00ed, sino un puntero al IDAL. Esto tambi\u00e9n debe traducirse de f\u00edsico a virtual antes de usarlo. Esta desreferenciaci\u00f3n tambi\u00e9n se usa para dasd_page_cache y tambi\u00e9n se corrige, aunque es muy poco probable que esta ruta de c\u00f3digo se use alguna vez."}], "lastModified": "2025-09-25T20:13:18.980", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6E935B78-DF63-4FD6-B160-8ADA44421209", "versionEndExcluding": "6.9.9", "versionStartIncluding": "6.9"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2EBB4392-5FA6-4DA9-9772-8F9C750109FA"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "331C2F14-12C7-45D5-893D-8C52EE38EA10"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3173713D-909A-4DD3-9DD4-1E171EB057EE"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "79F18AFA-40F7-43F0-BA30-7BDB65F918B9"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BD973AA4-A789-49BD-8D57-B2846935D3C7"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8F3E9E0C-AC3E-4967-AF80-6483E8AB0078"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}