-

CVE-2024-38579

EPSS 0.07%
Veröffentlicht 19.06.2024 14:15:17
Zuletzt bearbeitet 21.11.2024 09:26:23
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

crypto: bcm - Fix pointer arithmetic

In spu2_dump_omd() value of ptr is increased by ciph_key_len
instead of hash_iv_len which could lead to going beyond the
buffer boundaries.
Fix this bug by changing ciph_key_len to hash_iv_len.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 12

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < c256b616067bfd6d274c679c06986b78d2402434

Version 9d12ba86f818aa9cfe9f01b750336aa441f2ffa2

Status affected

Version < e719c8991c161977a67197775067ab456b518c7b

Version 9d12ba86f818aa9cfe9f01b750336aa441f2ffa2

Status affected

Version < ebed0d666fa709bae9e8cafa8ec6e7ebd1d318c6

Version 9d12ba86f818aa9cfe9f01b750336aa441f2ffa2

Status affected

Version < c69a1e4b419c2c466dd8c5602bdebadc353973dd

Version 9d12ba86f818aa9cfe9f01b750336aa441f2ffa2

Status affected

Version < 49833a8da6407e7e9b532cc4054fdbcaf78f5fdd

Version 9d12ba86f818aa9cfe9f01b750336aa441f2ffa2

Status affected

Version < d0f14ae223c2421b334c1f1a9e48f1e809aee3a0

Version 9d12ba86f818aa9cfe9f01b750336aa441f2ffa2

Status affected

Version < c0082ee420639a97e40cae66778b02b341b005e5

Version 9d12ba86f818aa9cfe9f01b750336aa441f2ffa2

Status affected

Version < 3b7a40740f04e2f27114dfd6225c5e721dda9d57

Version 9d12ba86f818aa9cfe9f01b750336aa441f2ffa2

Status affected

Version < 2b3460cbf454c6b03d7429e9ffc4fe09322eb1a9

Version 9d12ba86f818aa9cfe9f01b750336aa441f2ffa2

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 4.11

Status affected

Version < 4.11

Version 0

Status unaffected

Version <= 4.19.*

Version 4.19.316

Status unaffected

Version <= 5.4.*

Version 5.4.278

Status unaffected

Version <= 5.10.*

Version 5.10.219

Status unaffected

Version <= 5.15.*

Version 5.15.161

Status unaffected

Version <= 6.1.*

Version 6.1.93

Status unaffected

Version <= 6.6.*

Version 6.6.33

Status unaffected

Version <= 6.8.*

Version 6.8.12

Status unaffected

Version <= 6.9.*

Version 6.9.3

Status unaffected

Version <= *

Version 6.10

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.07%	0.229

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/2b3460cbf454c6b03d7429e9ffc4fe09322eb1a9

https://git.kernel.org/stable/c/3b7a40740f04e2f27114dfd6225c5e721dda9d57

https://git.kernel.org/stable/c/49833a8da6407e7e9b532cc4054fdbcaf78f5fdd

https://git.kernel.org/stable/c/c0082ee420639a97e40cae66778b02b341b005e5

https://git.kernel.org/stable/c/c256b616067bfd6d274c679c06986b78d2402434

https://git.kernel.org/stable/c/c69a1e4b419c2c466dd8c5602bdebadc353973dd

https://git.kernel.org/stable/c/d0f14ae223c2421b334c1f1a9e48f1e809aee3a0

https://git.kernel.org/stable/c/e719c8991c161977a67197775067ab456b518c7b

https://git.kernel.org/stable/c/ebed0d666fa709bae9e8cafa8ec6e7ebd1d318c6

https://nvd.nist.gov/vuln/detail/CVE-2024-38579

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-38579

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-38579

EUVD