CVE-2024-49995

Опубликовано: 12 нояб. 2024

Источник: msrc

Описание

Описание отсутствует

Возможность эксплуатации

DOS

N/A

Связанные уязвимости

CVE-2024-49995

ubuntu

8 месяцев назад

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

CVE-2024-49995

CVSS3: 7.1

redhat

8 месяцев назад

A string buffer over-run was found in the Linux kernel. Copying media_name and if_name to name_parts may overwrite the destination, resulting in a software crash.

CVE-2024-49995

nvd

8 месяцев назад

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

GHSA-c8jq-9f5m-r697

CVSS3: 7.8

github

8 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: tipc: guard against string buffer overrun Smatch reports that copying media_name and if_name to name_parts may overwrite the destination. .../bearer.c:166 bearer_name_validate() error: strcpy() 'media_name' too large for 'name_parts->media_name' (32 vs 16) .../bearer.c:167 bearer_name_validate() error: strcpy() 'if_name' too large for 'name_parts->if_name' (1010102 vs 16) This does seem to be the case so guard against this possibility by using strscpy() and failing if truncation occurs. Introduced by commit b97bf3fd8f6a ("[TIPC] Initial merge") Compile tested only.

SUSE-SU-2024:4397-1

suse-cvrf

6 месяцев назад

Security update for the Linux Kernel