216.73.216.170

CVE-2024-36975

· Published 18/06/2024 20:15 · Modified 18/06/2024 20:15

Labels: CVE-2024-36975 2024-06-18416baaa9-dc9f-4396-8d5f-8c081fb06d67CVE-2024-36975

Essential information

Published
18/06/2024 20:15
Modified
18/06/2024 20:15
Author
Creator
CISA KEV
No
CWE

Description

In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: Do not use WARN when encode fails When asn1_encode_sequence() fails, WARN is not the correct solution. 1. asn1_encode_sequence() is not an internal function (located in lib/asn1_encode.c). 2. Location is known, which makes the stack trace useless. 3. Results a crash if panic_on_warn is set. It is also noteworthy that the use of WARN is undocumented, and it should be avoided unless there is a carefully considered rationale to use it. Replace WARN with pr_err, and print the return value instead, which is only useful piece of information.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
416baaa9-dc9f-4396-8d5f-8c081fb06d67
NVD
View on NVD

References