CVE-2024-36957

MEDIUM

Linux kernel - Memory Corruption

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: avoid off-by-one read from userspace We try to access count + 1 byte from userspace with memdup_user(buffer, count + 1). However, the userspace only provides buffer of count bytes and only these count bytes are verified to be okay to access. To ensure the copied buffer is NUL terminated, we use memdup_user_nul instead.

References (7)

[Patch] https://git.kernel.org/stable/c/0a0285cee11c7dcc2657bcd456e469958a5009e7

[Patch] https://git.kernel.org/stable/c/8f11fe3ea3fc261640cfc8a5addd838000407c67

[Patch] https://git.kernel.org/stable/c/bcdac70adceb44373da204c3c297f2a98e13216e

[Patch] https://git.kernel.org/stable/c/ec697fbd38cbe2eef0948b58673b146caa95402f

[Patch] https://git.kernel.org/stable/c/f299ee709fb45036454ca11e90cb2810fe771878

[Patch] https://git.kernel.org/stable/c/fc3e0076c1f82fe981d321e3a7bad4cbee542c19

[Third Party Advisory] https://lists.debian.org/debian-lts-announce/2024/06/msg00019.html

Scores

CVSS v3 5.5

EPSS 0.0003

EPSS Percentile 8.4%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-193

Status published

Products (8)

debian/debian_linux 10.0

linux/Kernel < 5.10.217linux

linux/Kernel 5.11.0 - 5.15.159linux

linux/Kernel 5.12.0 - 6.1.91linux

linux/Kernel 5.16.0 - 6.6.31linux

linux/Kernel 6.2.0 - 6.8.10linux

linux/linux_kernel 6.9 rc1 (6 CPE variants)

linux/linux_kernel 5.10.20 - 5.10.217

Published May 30, 2024

Tracked Since Feb 18, 2026