CVE-2024-42320

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A vulnerability has been resolved in the Linux kernel. The issue is related to the dasd copy pair store() function, where dasd add busid() can return an error via ERR PTR() if an allocation fails. However, two callsites in dasd copy pair store() do not check the result, potentially resulting in a NULL pointer dereference. The fix involves checking the result with IS ERR() and returning the error up the stack.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

ALSA-2025_16880

ALT-PU-2024-13121

ALT-PU-2024-13979

ALT-PU-2024-14046

BDU:2025-02970

CVE-2024-42320

DLA-4008-1

MGASA-2024-0309

MGASA-2024-0310

OESA-2024-2124

OPENSUSE-SU-2024_3190-1

OPENSUSE-SU-2024_3209-1

OPENSUSE-SU-2024_3483-1

SUSE-SU-2024:3190-1

SUSE-SU-2024:3194-1

SUSE-SU-2024:3195-1

SUSE-SU-2024:3209-1

SUSE-SU-2024:3383-1

SUSE-SU-2024:3483-1

SUSE-SU-2025:20044-1

SUSE-SU-2025:20047-1

USN-7154-1

USN-7154-2

USN-7155-1

USN-7156-1

USN-7196-1

Affected Products

Alt Linux

Astra Linux

Linuxmint

Linux Kernel

Red Os

Suse

Ubuntu

CVE-2024-42320

Weakness Enumeration

Related Identifiers

Affected Products

References · 1896