CVE-2024-42276

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2024-42276

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-42276.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-42276

Downstream

BELL-CVE-2024-42276

DEBIAN-CVE-2024-42276

DLA-3912-1

DLA-4008-1

MGASA-2024-0309

MGASA-2024-0310

OESA-2024-2123

OESA-2024-2124

OESA-2024-2125

OESA-2024-2126

RHSA-2024:9315

SUSE-SU-2024:3190-1

SUSE-SU-2024:3194-1

SUSE-SU-2024:3195-1

SUSE-SU-2024:3209-1

SUSE-SU-2024:3383-1

SUSE-SU-2024:3483-1

SUSE-SU-2025:20044-1

SUSE-SU-2025:20047-1

UBUNTU-CVE-2024-42276

USN-7088-1

USN-7088-2

USN-7088-3

USN-7088-4

USN-7088-5

USN-7100-1

USN-7100-2

USN-7119-1

USN-7123-1

USN-7144-1

USN-7154-1

USN-7154-2

USN-7155-1

USN-7156-1

USN-7194-1

USN-7196-1

Related

Published

2024-08-17T09:08:44.694Z

Modified

2026-05-07T04:17:00.061408Z

Summary

nvme-pci: add missing condition check for existence of mapped data

Details

In the Linux kernel, the following vulnerability has been resolved:

nvme-pci: add missing condition check for existence of mapped data

nvmemapdata() is called when request has physical segments, hence the nvmeunmapdata() should have same condition to avoid dereference.

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/42xxx/CVE-2024-42276.json",
    "cna_assigner": "Linux"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

4aedb705437f6f98b45f45c394e6803ca67abd33

Fixed

3f8ec1d6b0ebd8268307d52be8301973fa5a01ec

Fixed

be23ae63080e0bf9e246ab20207200bca6585eba

Fixed

7cc1f4cd90a00b6191cb8cda2d1302fdce59361c

Fixed

d135c3352f7c947a922da93c8e763ee6bc208b64

Fixed

77848b379e9f85a08048a2c8b3b4a7e8396f5f83

Fixed

70100fe721840bf6d8e5abd25b8bffe4d2e049b7

Fixed

c31fad1470389666ac7169fe43aa65bf5b7e2cfd

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-42276.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

5.2.0

Fixed

5.4.282

Type: ECOSYSTEM
Events: Introduced

5.5.0

Fixed

5.10.224

Type: ECOSYSTEM
Events: Introduced

5.11.0

Fixed

5.15.165

Type: ECOSYSTEM
Events: Introduced

5.16.0

Fixed

6.1.103

Type: ECOSYSTEM
Events: Introduced

6.2.0

Fixed

6.6.44

Type: ECOSYSTEM
Events: Introduced

6.7.0

Fixed

6.10.3

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-42276.json"