7.1

CVE-2024-27401

firewire: nosy: ensure user_length is taken into account when fetching packet contents

In the Linux kernel, the following vulnerability has been resolved:

firewire: nosy: ensure user_length is taken into account when fetching packet contents

Ensure that packet_buffer_get respects the user_length provided. If
the length of the head packet exceeds the user_length, packet_buffer_get
will now return 0 to signify to the user that no data were read
and a larger buffer size is required. Helps prevent user space overflows.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 2.6.36 < 4.19.314
LinuxLinux Kernel Version >= 4.20 < 5.4.276
LinuxLinux Kernel Version >= 5.5 < 5.10.217
LinuxLinux Kernel Version >= 5.11 < 5.15.159
LinuxLinux Kernel Version >= 5.16 < 6.1.91
LinuxLinux Kernel Version >= 6.2 < 6.6.31
LinuxLinux Kernel Version >= 6.7 < 6.8.10
LinuxLinux Kernel Version6.9 Updaterc1
LinuxLinux Kernel Version6.9 Updaterc2
LinuxLinux Kernel Version6.9 Updaterc3
LinuxLinux Kernel Version6.9 Updaterc4
LinuxLinux Kernel Version6.9 Updaterc5
LinuxLinux Kernel Version6.9 Updaterc6
DebianDebian Linux Version10.0
FedoraprojectFedora Version39
FedoraprojectFedora Version40
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.3% 0.21
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.1 1.8 5.2
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2024/06/msg00019.html
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DW2MIOIMOFUSNLHLRYX23AFR36BMKD65/
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OTB4HWU2PTVW5NEYHHLOCXDKG3PYA534/
Third Party Advisory
https://git.kernel.org/stable/c/1fe60ee709436550f8cfbab01295936b868d5baa
Patch
https://git.kernel.org/stable/c/38762a0763c10c24a4915feee722d7aa6e73eb98
Patch
https://git.kernel.org/stable/c/4ee0941da10e8fdcdb34756b877efd3282594c1f
Patch
https://git.kernel.org/stable/c/539d51ac48bcfcfa1b3d4a85f8df92fa22c1d41c
Patch
https://git.kernel.org/stable/c/67f34f093c0f7bf33f5b4ae64d3d695a3b978285
Patch
https://git.kernel.org/stable/c/79f988d3ffc1aa778fc5181bdfab312e57956c6b
Patch
https://git.kernel.org/stable/c/7b8c7bd2296e95b38a6ff346242356a2e7190239
Patch
https://git.kernel.org/stable/c/cca330c59c54207567a648357835f59df9a286bb
Patch