How severe is CVE-2024-26705?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.5 out of 10.

What type of vulnerability is CVE-2024-26705?

This is classified as CWE-862, which is a common weakness in software security.

CVE-2024-26705

MEDIUM Year: 2024

CVSS v3 Score

5.5

Medium

Weakness Type

CWE-862

View all →

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: parisc: BTLB: Fix crash when setting up BTLB at CPU bringup When using hotplug and bringing up a 32-bit CPU, ask the firmware about the BTLB information to set up the static (block) TLB entries. For that write access to the static btlb_info struct is needed, but since it is marked __ro_after_init the kernel segfaults with missing write permissions. Fix the crash by dropping the __ro_after_init annotation.

CVE-2017-6693

MEDIUM

CVSS:5.5(Medium)

A vulnerability in the ConfD server component of Cisco Elastic Services Controllers could allow an authenticated, local attacker to access information stored in the file system of an affected system, ...

CWE-8622017

CVE-2018-14997

MEDIUM

CVSS:5.5(Medium)

The Leagoo P1 Android device with a build fingerprint of sp7731c_1h10_32v4_bird:6.0/MRA58K/android.20170629.214736:user/release-keys contains the android framework (i.e., system_server) with a package...

CWE-8622018

CVE-2018-9406

MEDIUM

CVSS:5.5(Medium)

In NlpService, there is a possible way to obtain location information due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed...

CWE-8622018

CVE-2018-9457

MEDIUM

CVSS:5.5(Medium)

In onCheckedChanged of BluetoothPairingController.java, there is a possible way to retrieve contact information due to a permissions bypass. This could lead to local information disclosure with no add...

CWE-8622018

CVE-2018-9548

MEDIUM

CVSS:5.5(Medium)

In multiple functions of ContentProvider.java, there is a possible permission bypass due to a missing URI validation. This could lead to local information disclosure with no additional execution privi...

CWE-8622018

CVE-2019-15386

MEDIUM

CVSS:5.5(Medium)

The Lava Z60s Android device with a build fingerprint of LAVA/Z60s/Z60s:8.1.0/O11019/1530331229:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (version...

CWE-8622019

CVE-2024-26705

Vulnerability Description

Related Vulnerabilities

CVE-2017-6693

CVE-2018-14997

CVE-2018-9406

CVE-2018-9457

CVE-2018-9548

CVE-2019-15386