{"id":"CVE-2024-35813","summary":"mmc: core: Avoid negative index with array access","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nmmc: core: Avoid negative index with array access\n\nCommit 4d0c8d0aef63 (\"mmc: core: Use mrq.sbc in close-ended ffu\") assigns\nprev_idata = idatas[i - 1], but doesn't check that the iterator i is\ngreater than zero. Let's fix this by adding a check.","modified":"2026-05-18T05:57:13.902931261Z","published":"2024-05-17T13:23:18.902Z","related":["SUSE-SU-2024:2008-1","SUSE-SU-2024:2019-1","SUSE-SU-2024:2135-1","SUSE-SU-2024:2190-1","SUSE-SU-2024:2203-1","SUSE-SU-2024:2973-1","SUSE-SU-2025:20008-1","SUSE-SU-2025:20028-1","SUSE-SU-2025:20166-1","SUSE-SU-2025:20249-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/35xxx/CVE-2024-35813.json"},"references":[{"type":"WEB","url":"https://cert-portal.siemens.com/productcert/html/ssa-265688.html"},{"type":"WEB","url":"https://git.kernel.org/stable/c/064db53f9023a2d5877a2d12de6bc27995f6ca56"},{"type":"WEB","url":"https://git.kernel.org/stable/c/2b539c88940e22494da80a93ee1c5a28bbad10f6"},{"type":"WEB","url":"https://git.kernel.org/stable/c/4466677dcabe2d70de6aa3d4bd4a4fafa94a71f2"},{"type":"WEB","url":"https://git.kernel.org/stable/c/7d0e8a6147550aa058fa6ade8583ad252aa61304"},{"type":"WEB","url":"https://git.kernel.org/stable/c/81b8645feca08a54c7c4bf36e7b176f4983b2f28"},{"type":"WEB","url":"https://git.kernel.org/stable/c/ad9cc5e9e53ab94aa0c7ac65d43be7eb208dcb55"},{"type":"WEB","url":"https://git.kernel.org/stable/c/b9a7339ae403035ffe7fc37cb034b36947910f68"},{"type":"WEB","url":"https://git.kernel.org/stable/c/cf55a7acd1ed38afe43bba1c8a0935b51d1dc014"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/35xxx/CVE-2024-35813.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-35813"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"f49f9e802785291149bdc9c824414de4604226b4"},{"fixed":"b9a7339ae403035ffe7fc37cb034b36947910f68"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"59020bf0999ff7da8aedcd00ef8f0d75d93b6d20"},{"fixed":"2b539c88940e22494da80a93ee1c5a28bbad10f6"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"50b8b7a22e90bab9f1949b64a88ff17ab10913ec"},{"fixed":"81b8645feca08a54c7c4bf36e7b176f4983b2f28"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"c4edcd134bb72b3b0acc884612d624e48c9d057f"},{"fixed":"ad9cc5e9e53ab94aa0c7ac65d43be7eb208dcb55"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"1653a8102868264f3488c298a9f20af2add9a288"},{"fixed":"4466677dcabe2d70de6aa3d4bd4a4fafa94a71f2"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"eed9119f8f8e8fbf225c08abdbb58597fba807e0"},{"fixed":"064db53f9023a2d5877a2d12de6bc27995f6ca56"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"4d0c8d0aef6355660b6775d57ccd5d4ea2e15802"},{"fixed":"7d0e8a6147550aa058fa6ade8583ad252aa61304"},{"fixed":"cf55a7acd1ed38afe43bba1c8a0935b51d1dc014"}]}],"versions":["v5.4.273","v5.4.272","v5.4.271","v5.4.270","v5.4.269","v5.10.214","v5.10.213","v5.10.212","v5.10.211","v5.10.210","v5.15.153","v5.15.152","v5.15.151","v5.15.150","v5.15.149","v6.1.83","v6.1.82","v6.1.81","v6.1.80","v6.1.79","v6.1.78","v6.1.77","v6.1.76","v6.6.23","v6.6.22","v6.6.21","v6.6.20","v6.6.19","v6.6.18","v6.6.17","v6.6.16","v6.6.15","v6.7.11","v6.7.10","v6.7.9","v6.7.8","v6.7.7","v6.7.6","v6.7.5","v6.7.4","v6.7.3"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-35813.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.4.274"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.5.0"},{"fixed":"5.10.215"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"5.15.154"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.1.84"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.6.24"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.7.0"},{"fixed":"6.7.12"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.8.0"},{"fixed":"6.8.3"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-35813.json"}}],"schema_version":"1.7.5"}