CVE-2024-46748

Опубликовано: 18 сент. 2024

Источник: redhat

CVSS3: 4.7

EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved: cachefiles: Set the max subreq size for cache writes to MAX_RW_COUNT Set the maximum size of a subrequest that writes to cachefiles to be MAX_RW_COUNT so that we don't overrun the maximum write we can make to the backing filesystem.

Отчет

The security impact of this bug is limited. Not actual for current versions of Red Hat Enterprise Linux (before version 10), because related code not back-ported yet.

Меры по смягчению последствий

To mitigate this issue, prevent module cachefiles from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 6	kernel	Not affected
Red Hat Enterprise Linux 7	kernel	Not affected
Red Hat Enterprise Linux 7	kernel-rt	Not affected
Red Hat Enterprise Linux 8	kernel	Not affected
Red Hat Enterprise Linux 8	kernel-rt	Not affected
Red Hat Enterprise Linux 9	kernel	Will not fix
Red Hat Enterprise Linux 9	kernel-rt	Will not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-664

https://bugzilla.redhat.com/show_bug.cgi?id=2313096kernel: cachefiles: Set the max subreq size for cache writes to MAX_RW_COUNT

EPSS

Процентиль: 33%

0.00128

Низкий

4.7 Medium

CVSS3

Связанные уязвимости

CVE-2024-46748

CVSS3: 5.5

ubuntu

больше 1 года назад

CVE-2024-46748

CVSS3: 5.5

nvd

больше 1 года назад

CVE-2024-46748

msrc

4 месяца назад

cachefiles: Set the max subreq size for cache writes to MAX_RW_COUNT

CVE-2024-46748

CVSS3: 5.5

debian

больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: c ...

GHSA-p5v6-vwvg-823j

CVSS3: 5.5

github

больше 1 года назад

EPSS

Процентиль: 33%

0.00128

Низкий

4.7 Medium

CVSS3