VDB

DEBIAN-CVE-2024-44969

DEBIAN-CVE-2024-44969 PUBLISHED CVSS 5.5 MEDIUM

In the Linux kernel, the following vulnerability has been resolved: s390/sclp: Prevent release of buffer in I/O When a task waiting for completion of a Store Data operation is interrupted, an attempt is made to halt this operation. If this attempt fails due to a hardware or firmware problem, there is a chance that the SCLP facility might store data into buffers referenced by the original operation at a later time. Handle this situation by not releasing the referenced data buffers if the halt attempt fails. For current use cases, this might result in a leak of few pages of memory in case of a rare hardware/firmware malfunction.

Risk Scores

CVSS 3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Debian:13linux0, 0
Debian:12linux6.1.90-1, 6.1.90-1~bpo11+1, 6.1.99-1
Debian:14linux0, 0
Debian:11linux-6.16.1.106-3, 6.1.106-3, 6.1.106-3
Debian:11linux5.15.5-2~bpo11+1, 5.16.10-1, 5.16.11-1

Timeline

  • Sep 4, 2024 CVE Published
  • Apr 28, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›