CVE-2024-36957

MEDIUM

Linux kernel - Memory Corruption

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: avoid off-by-one read from userspace We try to access count + 1 byte from userspace with memdup_user(buffer, count + 1). However, the userspace only provides buffer of count bytes and only these count bytes are verified to be okay to access. To ensure the copied buffer is NUL terminated, we use memdup_user_nul instead.

References (7)

[Patch] https://git.kernel.org/stable/c/0a0285cee11c7dcc2657bcd456e469958a5009e7

[Patch] https://git.kernel.org/stable/c/8f11fe3ea3fc261640cfc8a5addd838000407c67

[Patch] https://git.kernel.org/stable/c/bcdac70adceb44373da204c3c297f2a98e13216e

[Patch] https://git.kernel.org/stable/c/ec697fbd38cbe2eef0948b58673b146caa95402f

[Patch] https://git.kernel.org/stable/c/f299ee709fb45036454ca11e90cb2810fe771878

[Patch] https://git.kernel.org/stable/c/fc3e0076c1f82fe981d321e3a7bad4cbee542c19

[Third Party Advisory] https://lists.debian.org/debian-lts-announce/2024/06/msg00019.html

Scores

CVSS v3 5.5

EPSS 0.0003

EPSS Percentile 8.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Classification

CWE

CWE-193

Status published

Affected Products (13)

linux/linux_kernel < 5.10.217

linux/linux_kernel

linux/linux_kernel

linux/linux_kernel

linux/linux_kernel

linux/linux_kernel

linux/linux_kernel

debian/debian_linux

linux/Kernel < 5.10.217linux

linux/Kernel < 5.15.159linux

linux/Kernel < 6.1.91linux

linux/Kernel < 6.6.31linux

linux/Kernel < 6.8.10linux

Timeline

Published May 30, 2024

Tracked Since Feb 18, 2026