8.4

CVE-2024-27407

fs/ntfs3: Fixed overflow check in mi_enum_attr()

In the Linux kernel, the following vulnerability has been resolved:

fs/ntfs3: Fixed overflow check in mi_enum_attr()
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.15 < 6.1.120
LinuxLinux Kernel Version >= 6.2 < 6.6.19
LinuxLinux Kernel Version >= 6.7 < 6.7.7
LinuxLinux Kernel Version6.8 Updaterc1
LinuxLinux Kernel Version6.8 Updaterc2
LinuxLinux Kernel Version6.8 Updaterc3
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.3% 0.209
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.4 2.5 5.9
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.

https://git.kernel.org/stable/c/1c0a95d99b1b2b5d842e5abc7ef7eed1193b60d7
Patch
https://git.kernel.org/stable/c/652cfeb43d6b9aba5c7c4902bed7a7340df131fb
Patch
https://git.kernel.org/stable/c/8c77398c72618101d66480b94b34fe9087ee3d08
Patch
https://git.kernel.org/stable/c/e99faa97359654b6e4e769246c72cf50a57e05b2
Patch
https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html