5.5

CVE-2024-38624

fs/ntfs3: Use 64 bit variable to avoid 32 bit overflow

In the Linux kernel, the following vulnerability has been resolved:

fs/ntfs3: Use 64 bit variable to avoid 32 bit overflow

For example, in the expression:
	vbo = 2 * vbo + skip
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.15 < 5.15.161
LinuxLinux Kernel Version >= 5.16 < 6.1.93
LinuxLinux Kernel Version >= 6.2 < 6.6.33
LinuxLinux Kernel Version >= 6.7 < 6.9.4
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.22% 0.126
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-190 Integer Overflow or Wraparound

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

https://git.kernel.org/stable/c/109d85a98345ee52d47c650405dc51bdd2bc7d40
Patch
https://git.kernel.org/stable/c/2d1ad595d15f36a925480199bf1d9ad72614210b
Patch
https://git.kernel.org/stable/c/847db4049f6189427ddaefcfc967d4d235b73c57
Patch
https://git.kernel.org/stable/c/98db3155b54d3684ef0ab5bfa0b856d13f65843d
Patch
https://git.kernel.org/stable/c/e931f6b630ffb22d66caab202a52aa8cbb10c649
Patch