NVD Vulnerability Detail

CVE-2024-47756

Summary	In the Linux kernel, the following vulnerability has been resolved: PCI: keystone: Fix if-statement expression in ks_pcie_quirk() This code accidentally uses && where \|\| was intended. It potentially results in a NULL dereference. Thus, fix the if-statement expression to use the correct condition. [kwilczynski: commit log]
Publication Date	Oct. 21, 2024, 10:15 p.m.
Registration Date	Oct. 22, 2024, 5 a.m.
Last Update	Nov. 9, 2024, 1:15 a.m.

Affected software configurations

Related information, measures and tools

No	URL	タグ
1	https://git.kernel.org/stable/c/c289903b7a216df5ea6e1850ddf1b958eea9921d	Patch
2	https://git.kernel.org/stable/c/dc5aeba07395c8dfa29bb878c8ce4d5180427221	Patch
3	https://git.kernel.org/stable/c/23838bef2adb714ec37b2d6141dccf4a3a70bdef	Patch
4	https://git.kernel.org/stable/c/e85ab507882db165c10a858d7f685a0a38f0312e	Patch
5	https://git.kernel.org/stable/c/72210e52e19a27f615e0b5273d2bf012d0dc318d	Patch
6	https://git.kernel.org/stable/c/2171c5cb2fbc3e03af7e8116cd58736c09328655	Patch
7	https://git.kernel.org/stable/c/6188a1c762eb9bbd444f47696eda77a5eae6207a	Patch
8	https://git.kernel.org/stable/c/9c9afc3e75069fcfb067727973242cfbf00dd7eb

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-476	NULL ポインタデリファレンス	https://cwe.mitre.org/data/definitions/476.html

JVN Vulnerability Information

Linux の Linux Kernel における NULL ポインタデリファレンスに関する脆弱性

Title	Linux の Linux Kernel における NULL ポインタデリファレンスに関する脆弱性
Summary	Linux の Linux Kernel には、NULL ポインタデリファレンスに関する脆弱性が存在します。
Possible impacts	サービス運用妨害 (DoS) 状態にされる可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	Aug. 13, 2024, midnight
Registration Date	Oct. 24, 2024, 10:07 a.m.
Last Update	Aug. 20, 2025, 3:40 p.m.

Affected System

Linux

Linux Kernel 5.10.226

Linux Kernel 5.15.167

Linux Kernel 5.4.284 以上 5.5 未満

Linux Kernel 6.1.110 以上 6.1.113 未満

Linux Kernel 6.10.10 以上 6.10.13 未満

Linux Kernel 6.11 以上 6.11.2 未満

Linux Kernel 6.6.51 以上 6.6.54 未満

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2024-47756	https://www.cve.org/CVERecord?id=CVE-2024-47756
National Vulnerability Database (NVD)
2	CVE-2024-47756	https://nvd.nist.gov/vuln/detail/CVE-2024-47756

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-476	http://cwe.mitre.org/data/definitions/476.html

ベンダー情報

No	Name	URL
Kernel.org git repositories
1	PCI: keystone: Fix if-statement expression in ks_pcie_quirk() (2171c5c)	https://git.kernel.org/stable/c/2171c5cb2fbc3e03af7e8116cd58736c09328655
2	PCI: keystone: Fix if-statement expression in ks_pcie_quirk() (23838be)	https://git.kernel.org/stable/c/23838bef2adb714ec37b2d6141dccf4a3a70bdef
3	PCI: keystone: Fix if-statement expression in ks_pcie_quirk() (6188a1c)	https://git.kernel.org/stable/c/6188a1c762eb9bbd444f47696eda77a5eae6207a
4	PCI: keystone: Fix if-statement expression in ks_pcie_quirk() (72210e5)	https://git.kernel.org/stable/c/72210e52e19a27f615e0b5273d2bf012d0dc318d
5	PCI: keystone: Fix if-statement expression in ks_pcie_quirk() (c289903)	https://git.kernel.org/stable/c/c289903b7a216df5ea6e1850ddf1b958eea9921d
6	PCI: keystone: Fix if-statement expression in ks_pcie_quirk() (dc5aeba)	https://git.kernel.org/stable/c/dc5aeba07395c8dfa29bb878c8ce4d5180427221
7	PCI: keystone: Fix if-statement expression in ks_pcie_quirk() (e85ab50)	https://git.kernel.org/stable/c/e85ab507882db165c10a858d7f685a0a38f0312e
Linux Kernel
8	Linux Kernel Archives	https://www.kernel.org

その他

No	Name	URL
ICS-CERT ADVISORY
1	ICSA-25-226-07	https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07
JVN
2	JVNVU#92169998	https://jvn.jp/vu/JVNVU92169998/index.html

Change Log

No	Changed Details	Date of change
1	[2024年10月24日] 掲載	Oct. 24, 2024, 10:07 a.m.
2	[2025年08月20日] 参考情報：JVN (JVNVU#92169998) を追加参考情報：ICS-CERT ADVISORY (ICSA-25-226-07) を追加	Aug. 20, 2025, 3:40 p.m.