
CVE-2024-27401

In the Linux kernel, the following vulnerability has been resolved:

firewire: nosy: ensure user_length is taken into account when fetching packet contents

Ensure that packet_buffer_get respects the user_length provided. If
the length of the head packet exceeds the user_length, packet_buffer_get
will now return 0 to signify to the user that no data were read
and a larger buffer size is required. Helps prevent user space overflows.

Data is provided by the CVE Program from a CVE Numbering Authority (CNA) (unstructured).
Vendor: Linux
Product: Linux
Default Status: unaffected
Version < 67f34f093c0f7bf33f5b4ae64d3d695a3b978285 | Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | Status affected
Version < 7b8c7bd2296e95b38a6ff346242356a2e7190239 | Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | Status affected
Version < cca330c59c54207567a648357835f59df9a286bb | Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | Status affected
Version < 79f988d3ffc1aa778fc5181bdfab312e57956c6b | Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | Status affected
Version < 4ee0941da10e8fdcdb34756b877efd3282594c1f | Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | Status affected
Version < 1fe60ee709436550f8cfbab01295936b868d5baa | Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | Status affected
Version < 539d51ac48bcfcfa1b3d4a85f8df92fa22c1d41c | Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | Status affected
Version < 38762a0763c10c24a4915feee722d7aa6e73eb98 | Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | Status affected
Vendor: Linux
Product: Linux
Default Status: affected
Version <= 4.19.* | Version 4.19.314 | Status unaffected
Version <= 5.4.* | Version 5.4.276 | Status unaffected
Version <= 5.10.* | Version 5.10.217 | Status unaffected
Version <= 5.15.* | Version 5.15.159 | Status unaffected
Version <= 6.1.* | Version 6.1.91 | Status unaffected
Version <= 6.6.* | Version 6.6.31 | Status unaffected
Version <= 6.8.* | Version 6.8.10 | Status unaffected
Version <= * | Version 6.9 | Status unaffected
No CISA KEV or CERT.AT warning was found for this CVE.
EPSS Metrics
Type Source Score Percentile
EPSS FIRST.org 0.09% 0.256
CVSS Metrics
Source Base Score Exploit Score Impact Score Vector string