CVE-2024-24891

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in openEuler kernel on Linux allows Resource Leak Exposure. This vulnerability is associated with program files https://gitee.Com/openeuler/kernel/blob/openEuler-1.0-LTS/drivers/staging/gmjstcm/tcm.C. This issue affects kernel: from 4.19.90-2109.1.0.0108 before 4.19.90-2403.4.0.0244.

CVSS v3 6.0 MEDIUM

6.0^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.5 / Impact : 4.0

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://gitee.com/openeuler/kernel/pulls/2810
https://gitee.com/src-openeuler/kernel/pulls/1320
https://gitee.com/src-openeuler/kernel/pulls/1321
https://gitee.com/src-openeuler/kernel/pulls/1322
https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1358

Configurations

No configuration.

History

No history.

Information

Published : 2024-04-15 12:15

Updated : 2024-04-15 13:15

NVD link : CVE-2024-24891

Mitre link : CVE-2024-24891

CVE.ORG link : CVE-2024-24891

JSON object : View

Products Affected

No product.

CWE

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

6.0 /10