Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2024-39478

Опубликовано: 05 июл. 2024
Источник: redhat
CVSS3: 4.4
EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved: crypto: starfive - Do not free stack buffer RSA text data uses variable length buffer allocated in software stack. Calling kfree on it causes undefined behaviour in subsequent operations.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernelNot affected
Red Hat Enterprise Linux 7kernel-rtNot affected
Red Hat Enterprise Linux 8kernelNot affected
Red Hat Enterprise Linux 8kernel-rtNot affected
Red Hat Enterprise Linux 9kernelNot affected
Red Hat Enterprise Linux 9kernel-rtNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-416
https://bugzilla.redhat.com/show_bug.cgi?id=2296062kernel: crypto: starfive - Do not free stack buffer

EPSS

Процентиль: 9%
0.00031
Низкий

4.4 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2024-39478

CVSS3: 5.5
ubuntu
больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: crypto: starfive - Do not free stack buffer RSA text data uses variable length buffer allocated in software stack. Calling kfree on it causes undefined behaviour in subsequent operations.

nvd логотип

CVE-2024-39478

CVSS3: 5.5
nvd
больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: crypto: starfive - Do not free stack buffer RSA text data uses variable length buffer allocated in software stack. Calling kfree on it causes undefined behaviour in subsequent operations.

msrc логотип

CVE-2024-39478

msrc
5 месяцев назад

crypto: starfive - Do not free stack buffer

debian логотип

CVE-2024-39478

CVSS3: 5.5
debian
больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: c ...

github логотип

GHSA-vfcx-wcgr-9vc5

CVSS3: 5.5
github
больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: crypto: starfive - Do not free stack buffer RSA text data uses variable length buffer allocated in software stack. Calling kfree on it causes undefined behaviour in subsequent operations.

EPSS

Процентиль: 9%
0.00031
Низкий

4.4 Medium

CVSS3