CVE-2024-58051 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved: ipmi: ipmb: Add check devm_kasprintf() returned value devm_kasprintf() can return a NULL pointer on failure but this returned value is not checked.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

References

Link	Providers
https://git.kernel.org/stable/c/1a8a17c5ce9cb5a82797602bff9819ac732d2ff5
https://git.kernel.org/stable/c/2378bd0b264ad3a1f76bd957caf33ee0c7945351
https://git.kernel.org/stable/c/312a6445036d692bc5665307eeafa4508c33c4b5
https://git.kernel.org/stable/c/4c9caf86d04dcb10e9fd8cd9db8eb79b5bfcc4d8
https://git.kernel.org/stable/c/a63284d415d4d114abd8be6e66a9558f3ca0702d
https://git.kernel.org/stable/c/caac520350546e736894d14e051b64a9edb3600c
https://git.kernel.org/stable/c/e529fbcf1f35f5fc3c839df7f06c3e3d02579715
https://git.kernel.org/stable/c/eb288ab33fd87579789cb331209ff09e988ff4f7
https://lore.kernel.org/linux-cve-announce/2025030603-CVE-2024-58051-8e8a@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2024-58051
https://www.cve.org/CVERecord?id=CVE-2024-58051

History

Thu, 13 Mar 2025 12:30:00 +0000

Type	Values Removed	Values Added
References		https://git.kernel.org/stable/c/1a8a17c5ce9cb5a82797602bff9819ac732d2ff5 https://git.kernel.org/stable/c/caac520350546e736894d14e051b64a9edb3600c https://git.kernel.org/stable/c/eb288ab33fd87579789cb331209ff09e988ff4f7

Fri, 07 Mar 2025 02:15:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2025030603-CVE-2024-58051-8e8a@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2024-58051 https://www.cve.org/CVERecord?id=CVE-2024-58051
Metrics	threat_severity `None`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}` threat_severity `Moderate`

Thu, 06 Mar 2025 16:00:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: ipmi: ipmb: Add check devm_kasprintf() returned value devm_kasprintf() can return a NULL pointer on failure but this returned value is not checked.
Title		ipmi: ipmb: Add check devm_kasprintf() returned value
References		https://git.kernel.org/stable/c/2378bd0b264ad3a1f76bd957caf33ee0c7945351 https://git.kernel.org/stable/c/312a6445036d692bc5665307eeafa4508c33c4b5 https://git.kernel.org/stable/c/4c9caf86d04dcb10e9fd8cd9db8eb79b5bfcc4d8 https://git.kernel.org/stable/c/a63284d415d4d114abd8be6e66a9558f3ca0702d https://git.kernel.org/stable/c/e529fbcf1f35f5fc3c839df7f06c3e3d02579715

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-03-06T15:53:56.175Z

Updated: 2025-05-04T10:08:44.123Z

Reserved: 2025-03-06T15:52:09.178Z

Link: CVE-2024-58051

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2025-03-06T16:15:51.247

Modified: 2025-03-13T13:15:45.027

Link: CVE-2024-58051

Redhat

Severity : Moderate

Publid Date: 2025-03-06T00:00:00Z

Links: CVE-2024-58051 - Bugzilla

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object