CVE-2024-35915
Last modified
CVE-2024-35915 is a medium-severity vulnerability rated 5.5/10 on the CVSS scale. In the Linux kernel, the following vulnerability has been resolved: nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet syzbot reported the following uninit-value access issue [1][2]: nci_rx_work() parses and processes received packet. When the payload length is zero, each message type handler reads uninitialized payload and KMSAN detects this issue. EPSS estimates a 0.22% chance of exploitation in the next 30 days.
Description
In the Linux kernel, the following vulnerability has been resolved: nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet syzbot reported the following uninit-value access issue [1][2]: nci_rx_work() parses and processes received packet. When the payload length is zero, each message type handler reads uninitialized payload and KMSAN detects this issue. The receipt of a packet with a zero-size payload is considered unexpected, and therefore, such packets should be silently discarded. This patch resolved this issue by checking payload size before calling each message type handler codes.
Metrics
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Linux | Linux Kernel | >= 3.2, < 4.19.312 | — |
| Linux | Linux Kernel | >= 4.20, < 5.4.274 | — |
| Linux | Linux Kernel | >= 5.5, < 5.10.215 | — |
| Linux | Linux Kernel | >= 5.11, < 5.15.154 | — |
| Linux | Linux Kernel | >= 5.16, < 6.1.85 | — |
| Linux | Linux Kernel | >= 6.2, < 6.6.26 | — |
| Linux | Linux Kernel | >= 6.7, < 6.8.5 | — |
| Linux | Linux Kernel | 6.9 | Rc1 |
| Debian | Debian Linux | 10.0 | — |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2024-35915?
How severe is CVE-2024-35915?
How do I fix CVE-2024-35915?
Are you affected by CVE-2024-35915?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST