What is the severity of CVE-2024-49962?

CVE-2024-49962 has been assigned a medium severity score due to the potential for NULL pointer dereference.

How do I fix CVE-2024-49962?

To fix CVE-2024-49962, it is recommended to upgrade to a patched version of the Linux kernel: 6.1.123-1 or later.

Which versions of the Linux kernel are affected by CVE-2024-49962?

CVE-2024-49962 affects Linux kernel versions prior to 5.10.227, and between 5.11 and 5.15.168, 5.16 and 6.1.113, 6.2 and 6.6.55, 6.7 and 6.10.14, and 6.11 up to 6.11.3.

What systems are impacted by CVE-2024-49962?

CVE-2024-49962 impacts any systems running the affected versions of the Linux kernel.

Is there a workaround for CVE-2024-49962 if I cannot upgrade?

Currently, there are no known workarounds for CVE-2024-49962, so applying the patch is the best approach.

Vulnerability/
CVE-2024-49962

medium

5.5

CWE

476

21/10/2024

19/12/2024

CVE-2024-49962: ACPICA: check null return of ACPI_ALLOCATE_ZEROED() in acpi_db_convert_to_package()

First published: Mon Oct 21 2024(Updated: )

In the Linux kernel, the following vulnerability has been resolved: ACPICA: check null return of ACPI_ALLOCATE_ZEROED() in acpi_db_convert_to_package() ACPICA commit 4d4547cf13cca820ff7e0f859ba83e1a610b9fd0 ACPI_ALLOCATE_ZEROED() may fail, elements might be NULL and will cause NULL pointer dereference later. [ rjw: Subject and changelog edits ]

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected Software	Affected Version	How to fix
Linux Kernel	<5.10.227
Linux Kernel	>=5.11<5.15.168
Linux Kernel	>=5.16<6.1.113
Linux Kernel	>=6.2<6.6.55
Linux Kernel	>=6.7<6.10.14
Linux Kernel	>=6.11<6.11.3
debian/linux	<=5.10.223-1<=5.10.226-1	6.1.123-1 6.1.128-1 6.12.12-1 6.12.15-1
debian/linux-6.1		6.1.119-1~deb11u1

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-49962?
CVE-2024-49962 has been assigned a medium severity score due to the potential for NULL pointer dereference.
How do I fix CVE-2024-49962?
To fix CVE-2024-49962, it is recommended to upgrade to a patched version of the Linux kernel: 6.1.123-1 or later.
Which versions of the Linux kernel are affected by CVE-2024-49962?
CVE-2024-49962 affects Linux kernel versions prior to 5.10.227, and between 5.11 and 5.15.168, 5.16 and 6.1.113, 6.2 and 6.6.55, 6.7 and 6.10.14, and 6.11 up to 6.11.3.
What systems are impacted by CVE-2024-49962?
CVE-2024-49962 impacts any systems running the affected versions of the Linux kernel.
Is there a workaround for CVE-2024-49962 if I cannot upgrade?
Currently, there are no known workarounds for CVE-2024-49962, so applying the patch is the best approach.

agent/title
agent/type
agent/first-publish-date
agent/remedy
agent/severity
agent/weakness
agent/references
agent/author
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/trending
collector/usn-cve
source/Ubuntu
collector/nvd-cve
source/NVD
agent/software-canonical-lookup
agent/software-canonical-lookup-request
collector/nvd-api
collector/launchpad-cve
source/Launchpad
agent/source
agent/softwarecombine
agent/description
agent/tags
agent/event
collector/security-tracker-debian
source/Debian
vendor/linux
canonical/linux kernel
version/linux kernel/5.11
version/linux kernel/5.16
version/linux kernel/6.2
version/linux kernel/6.7
version/linux kernel/6.11
package-manager/debian

Frequently Asked Questions

What is the severity of CVE-2024-49962?
CVE-2024-49962 has been assigned a medium severity score due to the potential for NULL pointer dereference.
How do I fix CVE-2024-49962?
To fix CVE-2024-49962, it is recommended to upgrade to a patched version of the Linux kernel: 6.1.123-1 or later.
Which versions of the Linux kernel are affected by CVE-2024-49962?
CVE-2024-49962 affects Linux kernel versions prior to 5.10.227, and between 5.11 and 5.15.168, 5.16 and 6.1.113, 6.2 and 6.6.55, 6.7 and 6.10.14, and 6.11 up to 6.11.3.
What systems are impacted by CVE-2024-49962?
CVE-2024-49962 impacts any systems running the affected versions of the Linux kernel.
Is there a workaround for CVE-2024-49962 if I cannot upgrade?
Currently, there are no known workarounds for CVE-2024-49962, so applying the patch is the best approach.

CVE-2024-49962: ACPICA: check null return of ACPI_ALLOCATE_ZEROED() in acpi_db_convert_to_package()

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-49962?

How do I fix CVE-2024-49962?

Which versions of the Linux kernel are affected by CVE-2024-49962?

What systems are impacted by CVE-2024-49962?

Is there a workaround for CVE-2024-49962 if I cannot upgrade?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2024-49962?

How do I fix CVE-2024-49962?

Which versions of the Linux kernel are affected by CVE-2024-49962?

What systems are impacted by CVE-2024-49962?

Is there a workaround for CVE-2024-49962 if I cannot upgrade?