CVE-2024-44969

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://git.kernel.org/stable/c/7a7e60ed23d471a07dbbe72565d2992ee8244bbe", "name": "https://git.kernel.org/stable/c/7a7e60ed23d471a07dbbe72565d2992ee8244bbe", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/1ec5ea9e25f582fd6999393e2f2c3bf56f234e05", "name": "https://git.kernel.org/stable/c/1ec5ea9e25f582fd6999393e2f2c3bf56f234e05", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/a3e52a4c22c846858a6875e1c280030a3849e148", "name": "https://git.kernel.org/stable/c/a3e52a4c22c846858a6875e1c280030a3849e148", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/a88a49473c94ccfd8dce1e766aacf3c627278463", "name": "https://git.kernel.org/stable/c/a88a49473c94ccfd8dce1e766aacf3c627278463", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/46f67233b011385d53cf14d272431755de3a7c79", "name": "https://git.kernel.org/stable/c/46f67233b011385d53cf14d272431755de3a7c79", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/1e8b7fb427af6b2ddd54eff66a6b428a81c96633", "name": "https://git.kernel.org/stable/c/1e8b7fb427af6b2ddd54eff66a6b428a81c96633", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/2429ea3b4330e3653b72b210a0d5f2a717359506", "name": "https://git.kernel.org/stable/c/2429ea3b4330e3653b72b210a0d5f2a717359506", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/bf365071ea92b9579d5a272679b74052a5643e35", "name": "https://git.kernel.org/stable/c/bf365071ea92b9579d5a272679b74052a5643e35", "tags": ["Patch"], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/sclp: Prevent release of buffer in I/O\n\nWhen a task waiting for completion of a Store Data operation is\ninterrupted, an attempt is made to halt this operation. If this attempt\nfails due to a hardware or firmware problem, there is a chance that the\nSCLP facility might store data into buffers referenced by the original\noperation at a later time.\n\nHandle this situation by not releasing the referenced data buffers if\nthe halt attempt fails. For current use cases, this might result in a\nleak of few pages of memory in case of a rare hardware/firmware\nmalfunction."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-401"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2024-44969", "ASSIGNER": "cve@kernel.org"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}}, "publishedDate": "2024-09-04T19:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "5.15.165", "versionStartIncluding": "5.11"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "5.10.224", "versionStartIncluding": "5.5"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "5.4.282", "versionStartIncluding": "4.20"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "6.10.5", "versionStartIncluding": "6.7"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "6.6.46", "versionStartIncluding": "6.2"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "4.19.320"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "6.1.105", "versionStartIncluding": "5.16"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2024-10-03T17:38Z"}