-

CVE-2024-27401

EPSS 0.09%
Veröffentlicht 14.05.2024 15:12:29
Zuletzt bearbeitet 21.11.2024 09:04:32
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

firewire: nosy: ensure user_length is taken into account when fetching packet contents

Ensure that packet_buffer_get respects the user_length provided. If
the length of the head packet exceeds the user_length, packet_buffer_get
will now return 0 to signify to the user that no data were read
and a larger buffer size is required. Helps prevent user space overflows.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 15

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 67f34f093c0f7bf33f5b4ae64d3d695a3b978285

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 7b8c7bd2296e95b38a6ff346242356a2e7190239

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < cca330c59c54207567a648357835f59df9a286bb

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 79f988d3ffc1aa778fc5181bdfab312e57956c6b

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 4ee0941da10e8fdcdb34756b877efd3282594c1f

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 1fe60ee709436550f8cfbab01295936b868d5baa

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 539d51ac48bcfcfa1b3d4a85f8df92fa22c1d41c

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 38762a0763c10c24a4915feee722d7aa6e73eb98

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version <= 4.19.*

Version 4.19.314

Status unaffected

Version <= 5.4.*

Version 5.4.276

Status unaffected

Version <= 5.10.*

Version 5.10.217

Status unaffected

Version <= 5.15.*

Version 5.15.159

Status unaffected

Version <= 6.1.*

Version 6.1.91

Status unaffected

Version <= 6.6.*

Version 6.6.31

Status unaffected

Version <= 6.8.*

Version 6.8.10

Status unaffected

Version <= *

Version 6.9

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.09%	0.256

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

https://lists.debian.org/debian-lts-announce/2024/06/msg00019.html

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DW2MIOIMOFUSNLHLRYX23AFR36BMKD65/

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OTB4HWU2PTVW5NEYHHLOCXDKG3PYA534/

https://git.kernel.org/stable/c/1fe60ee709436550f8cfbab01295936b868d5baa

https://git.kernel.org/stable/c/38762a0763c10c24a4915feee722d7aa6e73eb98

https://git.kernel.org/stable/c/4ee0941da10e8fdcdb34756b877efd3282594c1f

https://git.kernel.org/stable/c/539d51ac48bcfcfa1b3d4a85f8df92fa22c1d41c

https://git.kernel.org/stable/c/67f34f093c0f7bf33f5b4ae64d3d695a3b978285

https://git.kernel.org/stable/c/79f988d3ffc1aa778fc5181bdfab312e57956c6b

https://git.kernel.org/stable/c/7b8c7bd2296e95b38a6ff346242356a2e7190239

https://git.kernel.org/stable/c/cca330c59c54207567a648357835f59df9a286bb

https://nvd.nist.gov/vuln/detail/CVE-2024-27401

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-27401

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-27401

EUVD