Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2024-38579

Опубликовано: 19 июн. 2024
Источник: redhat
CVSS3: 4.4

Описание

In the Linux kernel, the following vulnerability has been resolved: crypto: bcm - Fix pointer arithmetic In spu2_dump_omd() value of ptr is increased by ciph_key_len instead of hash_iv_len which could lead to going beyond the buffer boundaries. Fix this bug by changing ciph_key_len to hash_iv_len. Found by Linux Verification Center (linuxtesting.org) with SVACE.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernelNot affected
Red Hat Enterprise Linux 7kernel-rtNot affected
Red Hat Enterprise Linux 8kernel-rtFix deferred
Red Hat Enterprise Linux 9kernel-rtNot affected
Red Hat Enterprise Linux 8kernelFixedRHSA-2024:700024.09.2024
Red Hat Enterprise Linux 9kernelFixedRHSA-2024:592828.08.2024
Red Hat Enterprise Linux 9kernelFixedRHSA-2024:592828.08.2024

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-99
https://bugzilla.redhat.com/show_bug.cgi?id=2293414kernel: crypto: bcm - Fix pointer arithmetic

4.4 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2024-38579

ubuntu
около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: crypto: bcm - Fix pointer arithmetic In spu2_dump_omd() value of ptr is increased by ciph_key_len instead of hash_iv_len which could lead to going beyond the buffer boundaries. Fix this bug by changing ciph_key_len to hash_iv_len. Found by Linux Verification Center (linuxtesting.org) with SVACE.

nvd логотип

CVE-2024-38579

nvd
около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: crypto: bcm - Fix pointer arithmetic In spu2_dump_omd() value of ptr is increased by ciph_key_len instead of hash_iv_len which could lead to going beyond the buffer boundaries. Fix this bug by changing ciph_key_len to hash_iv_len. Found by Linux Verification Center (linuxtesting.org) with SVACE.

debian логотип

CVE-2024-38579

debian
около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: c ...

github логотип

GHSA-676m-39hm-wg2r

github
около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: crypto: bcm - Fix pointer arithmetic In spu2_dump_omd() value of ptr is increased by ciph_key_len instead of hash_iv_len which could lead to going beyond the buffer boundaries. Fix this bug by changing ciph_key_len to hash_iv_len. Found by Linux Verification Center (linuxtesting.org) with SVACE.

fstec логотип

BDU:2024-10733

CVSS3: 5.5
fstec
около 1 года назад

Уязвимость компонента crypto ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

4.4 Medium

CVSS3