Описание
In the Linux kernel, the following vulnerability has been resolved:
ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry()
xattr in ocfs2 maybe 'non-indexed', which saved with additional space requested. It's better to check if the memory is out of bound before memcmp, although this possibility mainly comes from crafted poisonous images.
In the Linux kernel, the following vulnerability has been resolved:
ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry()
xattr in ocfs2 maybe 'non-indexed', which saved with additional space requested. It's better to check if the memory is out of bound before memcmp, although this possibility mainly comes from crafted poisonous images.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2024-41016
- https://git.kernel.org/stable/c/57a3d89831fcaa2cdbe024b47c7c36d5a56c3637
- https://git.kernel.org/stable/c/af77c4fc1871847b528d58b7fdafb4aa1f6a9262
- https://git.kernel.org/stable/c/c031d286eceb82f72f8623b7f4abd2aa491bfb5e
- https://git.kernel.org/stable/c/c726dea9d0c806d64c26fcef483b1fb9474d8c5e
- https://git.kernel.org/stable/c/cfb926051fab19b10d1e65976211f364aa820180
- https://git.kernel.org/stable/c/e2b3d7a9d019d4d1a0da6c3ea64a1ff79c99c090
- https://git.kernel.org/stable/c/e4ffea01adf3323c821b6f37e9577d2d400adbaa
- https://git.kernel.org/stable/c/e8f9c4af7af7e9e4cd09c0251c7936593147419f
EPSS
CVE ID
Связанные уязвимости
In the Linux kernel, the following vulnerability has been resolved: ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry() xattr in ocfs2 maybe 'non-indexed', which saved with additional space requested. It's better to check if the memory is out of bound before memcmp, although this possibility mainly comes from crafted poisonous images.
In the Linux kernel, the following vulnerability has been resolved: ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry() xattr in ocfs2 maybe 'non-indexed', which saved with additional space requested. It's better to check if the memory is out of bound before memcmp, although this possibility mainly comes from crafted poisonous images.
In the Linux kernel, the following vulnerability has been resolved: ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry() xattr in ocfs2 maybe 'non-indexed', which saved with additional space requested. It's better to check if the memory is out of bound before memcmp, although this possibility mainly comes from crafted poisonous images.
In the Linux kernel, the following vulnerability has been resolved: o ...
Уязвимость функции ocfs2_xattr_find_entry() файловой системы ocfs2 ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
EPSS