Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2024-35924

Опубликовано: 19 мая 2024
Источник: redhat
CVSS3: 5.5
EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Limit read size on v1.2 Between UCSI 1.2 and UCSI 2.0, the size of the MESSAGE_IN region was increased from 16 to 256. In order to avoid overflowing reads for older systems, add a mechanism to use the read UCSI version to truncate read sizes on UCSI v1.2.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernelOut of support scope
Red Hat Enterprise Linux 7kernel-rtOut of support scope
Red Hat Enterprise Linux 9kernel-rtAffected
Red Hat Enterprise Linux 8kernel-rtFixedRHSA-2024:510208.08.2024
Red Hat Enterprise Linux 8kernelFixedRHSA-2024:510108.08.2024
Red Hat Enterprise Linux 9kernelFixedRHSA-2024:931512.11.2024
Red Hat Enterprise Linux 9kernelFixedRHSA-2024:931512.11.2024

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
https://bugzilla.redhat.com/show_bug.cgi?id=2281758kernel: usb: typec: ucsi: Limit read size on v1.2

EPSS

Процентиль: 31%
0.00116
Низкий

5.5 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2024-35924

ubuntu
около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Limit read size on v1.2 Between UCSI 1.2 and UCSI 2.0, the size of the MESSAGE_IN region was increased from 16 to 256. In order to avoid overflowing reads for older systems, add a mechanism to use the read UCSI version to truncate read sizes on UCSI v1.2.

nvd логотип

CVE-2024-35924

nvd
около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Limit read size on v1.2 Between UCSI 1.2 and UCSI 2.0, the size of the MESSAGE_IN region was increased from 16 to 256. In order to avoid overflowing reads for older systems, add a mechanism to use the read UCSI version to truncate read sizes on UCSI v1.2.

debian логотип

CVE-2024-35924

debian
около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: u ...

github логотип

GHSA-58xp-fvvp-586w

github
около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Limit read size on v1.2 Between UCSI 1.2 and UCSI 2.0, the size of the MESSAGE_IN region was increased from 16 to 256. In order to avoid overflowing reads for older systems, add a mechanism to use the read UCSI version to truncate read sizes on UCSI v1.2.

rocky логотип

RLSA-2024:5101

rocky
10 месяцев назад

Important: kernel security update

EPSS

Процентиль: 31%
0.00116
Низкий

5.5 Medium

CVSS3

Уязвимость CVE-2024-35924