Vulnerability DatabaseCVE-2024-35859
Mend.io Vulnerability Database
The largest open source vulnerability database
What is a Vulnerability ID?
New vulnerability? Tell us about it!
CVE-2024-35859
May 17, 2024
In the Linux kernel, the following vulnerability has been resolved: block: fix module reference leakage from bdev_open_by_dev error path At the time bdev_may_open() is called, module reference is grabbed already, hence module reference should be released if bdev_may_open() failed. This problem is found by code review.
Related ResourcesĀ (5)
https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/35xxx/CVE-2024-35859.json
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
https://git.kernel.org/stable/c/0e9327c67410b129bf85e5c3a5aaea518328636f
https://nvd.nist.gov/vuln/detail/CVE-2024-35859
https://git.kernel.org/stable/c/9617cd6f24b294552a817f80f5225431ef67b540
Do you need more information?
Contact Us
CVSS v4
Base Score:
6.8
Attack Vector
LOCAL
Attack Complexity
LOW
Attack Requirements
NONE
Privileges Required
LOW
User Interaction
NONE
Vulnerable System Confidentiality
NONE
Vulnerable System Integrity
NONE
Vulnerable System Availability
HIGH
Subsequent System Confidentiality
NONE
Subsequent System Integrity
NONE
Subsequent System Availability
NONE
CVSS v3
Base Score:
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
HIGH
EPSS
Base Score:
0.03