Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2024-38562

Опубликовано: 19 июн. 2024
Источник: nvd
CVSS3: 7.8
EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved:

wifi: nl80211: Avoid address calculations via out of bounds array indexing

Before request->channels[] can be used, request->n_channels must be set. Additionally, address calculations for memory after the "channels" array need to be calculated from the allocation base ("request") rather than via the first "out of bounds" index of "channels", otherwise run-time bounds checking will throw a warning.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 6.6 (включая) до 6.6.33 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 6.7 (включая) до 6.8.12 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 6.9 (включая) до 6.9.3 (исключая)

EPSS

Процентиль: 16%
0.0005
Низкий

7.8 High

CVSS3

Дефекты

CWE-129
CWE-129

Связанные уязвимости

ubuntu логотип

CVE-2024-38562

CVSS3: 7.8
ubuntu
около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: Avoid address calculations via out of bounds array indexing Before request->channels[] can be used, request->n_channels must be set. Additionally, address calculations for memory after the "channels" array need to be calculated from the allocation base ("request") rather than via the first "out of bounds" index of "channels", otherwise run-time bounds checking will throw a warning.

redhat логотип

CVE-2024-38562

CVSS3: 5.6
redhat
около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: Avoid address calculations via out of bounds array indexing Before request->channels[] can be used, request->n_channels must be set. Additionally, address calculations for memory after the "channels" array need to be calculated from the allocation base ("request") rather than via the first "out of bounds" index of "channels", otherwise run-time bounds checking will throw a warning.

debian логотип

CVE-2024-38562

CVSS3: 7.8
debian
около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: w ...

github логотип

GHSA-wcf6-w83f-hp3h

CVSS3: 7.8
github
около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: Avoid address calculations via out of bounds array indexing Before request->channels[] can be used, request->n_channels must be set. Additionally, address calculations for memory after the "channels" array need to be calculated from the allocation base ("request") rather than via the first "out of bounds" index of "channels", otherwise run-time bounds checking will throw a warning.

fstec логотип

BDU:2024-11573

CVSS3: 5.5
fstec
около 1 года назад

Уязвимость компонента nl80211 ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 16%
0.0005
Низкий

7.8 High

CVSS3

Дефекты

CWE-129
CWE-129