How severe is CVE-2024-53101?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.5 out of 10.

What type of vulnerability is CVE-2024-53101?

This is classified as CWE-908, which is a common weakness in software security.

CVE-2024-53101 - MEDIUM Severity | CVSS 5.5

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: fs: Fix uninitialized value issue in from_kuid and from_kgid ocfs2_setattr() uses attr->ia_mode, attr->ia_uid and attr->ia_gid in a trace point even though ATTR_MODE, ATTR_UID and ATTR_GID aren't set. Initialize all fields of newattrs to avoid uninitialized variables, by checking if ATTR_MODE, ATTR_UID, ATTR_GID are initialized, otherwise 0.

Related Vulnerabilities

CVE-2016-0821

MEDIUM

CVSS:5.5(Medium)

The LIST_POISON feature in include/linux/poison.h in the Linux kernel before 4.3, as used in Android 6.0.1 before 2016-03-01, does not properly consider the relationship to the mmap_min_addr value, wh...

CWE-9082016

CVE-2017-4905

MEDIUM

CVSS:5.5(Medium)

VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, 5.5 without patch E...

CWE-9082017

CVE-2018-11383

MEDIUM

CVSS:5.5(Medium)

The r_strbuf_fini() function in radare2 2.5.0 allows remote attackers to cause a denial of service (invalid free and application crash) via a crafted ELF file because of an uninitialized variable in t...

CWE-9082018

CVE-2018-12011

MEDIUM

CVSS:5.5(Medium)

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Uninitialized data for socket address leads to information exposure.

CWE-9082018

CVE-2018-19974

MEDIUM

CVSS:5.5(Medium)

In YARA 3.8.1, bytecode in a specially crafted compiled rule can read uninitialized data from VM scratch memory in libyara/exec.c. This can allow attackers to discover addresses in the real stack (not...

CWE-9082018

CVE-2018-20029

MEDIUM

CVSS:5.5(Medium)

The nxfs.sys driver in the DokanFS library 0.6.0 in NoMachine before 6.4.6 on Windows 10 allows local users to cause a denial of service (BSOD) because uninitialized memory can be read.

CWE-9082018