CVE-2024-36957
Last modified
CVE-2024-36957 is a medium-severity vulnerability rated 5.5/10 on the CVSS scale. In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: avoid off-by-one read from userspace We try to access count + 1 byte from userspace with memdup_user(buffer, count + 1). However, the userspace only provides buffer of count bytes and only these count bytes are verified to be okay to access. EPSS estimates a 0.24% chance of exploitation in the next 30 days.
Description
In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: avoid off-by-one read from userspace We try to access count + 1 byte from userspace with memdup_user(buffer, count + 1). However, the userspace only provides buffer of count bytes and only these count bytes are verified to be okay to access. To ensure the copied buffer is NUL terminated, we use memdup_user_nul instead.
Metrics
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Linux | Linux Kernel | >= 5.10.20, < 5.10.217 | — |
| Linux | Linux Kernel | >= 5.11.3, < 5.15.159 | — |
| Linux | Linux Kernel | >= 5.16, < 6.1.91 | — |
| Linux | Linux Kernel | >= 6.2, < 6.6.31 | — |
| Linux | Linux Kernel | >= 6.7, < 6.8.10 | — |
| Linux | Linux Kernel | 6.9 | Rc1 |
| Debian | Debian Linux | 10.0 | — |
References
- https://lists.debian.org/debian-lts-announce/2024/06/msg00019.htmlThird Party Advisory
Timeline
- Published
- Last Modified
- Status
- Analyzed
Frequently Asked Questions
What is CVE-2024-36957?
How severe is CVE-2024-36957?
How do I fix CVE-2024-36957?
Are you affected by CVE-2024-36957?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST