5.3
CVE-2024-27436
- EPSS 0.26%
- Published 17.05.2024 13:15:58
- Last modified 21.11.2024 09:04:36
- Source 416baaa9-dc9f-4396-8d5f-8c081f
- Teams watchlist Login
- Open Login
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Stop parsing channels bits when all channels are found. If a usb audio device sets more bits than the amount of channels it could write outside of the map array.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users. Login
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
VendorLinux
≫
Product
Linux
Default Statusunaffected
Version <
7e2c1b0f6dd9abde9e60f0f9730026714468770f
Version
04324ccc75f96b3ed7aad1c866d1b7925e977bdf
Status
affected
Version <
6d5dc96b154be371df0d62ecb07efe400701ed8a
Version
04324ccc75f96b3ed7aad1c866d1b7925e977bdf
Status
affected
Version <
5cd466673b34bac369334f66cbe14bb77b7d7827
Version
04324ccc75f96b3ed7aad1c866d1b7925e977bdf
Status
affected
Version <
9af1658ba293458ca6a13f70637b9654fa4be064
Version
04324ccc75f96b3ed7aad1c866d1b7925e977bdf
Status
affected
Version <
629af0d5fe94a35f498ba2c3f19bd78bfa591be6
Version
04324ccc75f96b3ed7aad1c866d1b7925e977bdf
Status
affected
Version <
22cad1b841a63635a38273b799b4791f202ade72
Version
04324ccc75f96b3ed7aad1c866d1b7925e977bdf
Status
affected
Version <
c8a24fd281dcdf3c926413dafbafcf35cde517a9
Version
04324ccc75f96b3ed7aad1c866d1b7925e977bdf
Status
affected
Version <
6d88b289fb0a8d055cb79d1c46a56aba7809d96d
Version
04324ccc75f96b3ed7aad1c866d1b7925e977bdf
Status
affected
Version <
a39d51ff1f52cd0b6fe7d379ac93bd8b4237d1b7
Version
04324ccc75f96b3ed7aad1c866d1b7925e977bdf
Status
affected
VendorLinux
≫
Product
Linux
Default Statusaffected
Version
3.8
Status
affected
Version <
3.8
Version
0
Status
unaffected
Version <=
4.19.*
Version
4.19.311
Status
unaffected
Version <=
5.4.*
Version
5.4.273
Status
unaffected
Version <=
5.10.*
Version
5.10.214
Status
unaffected
Version <=
5.15.*
Version
5.15.153
Status
unaffected
Version <=
6.1.*
Version
6.1.83
Status
unaffected
Version <=
6.6.*
Version
6.6.23
Status
unaffected
Version <=
6.7.*
Version
6.7.11
Status
unaffected
Version <=
6.8.*
Version
6.8.2
Status
unaffected
Version <=
*
Version
6.9
Status
unaffected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.26% | 0.496 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
|
CWE-787 Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.