5.5

CVE-2024-41016

ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry()

In the Linux kernel, the following vulnerability has been resolved:

ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry()

xattr in ocfs2 maybe 'non-indexed', which saved with additional space
requested.  It's better to check if the memory is out of bound before
memcmp, although this possibility mainly comes from crafted poisonous
images.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 4.19.323
LinuxLinux Kernel Version >= 4.20 < 5.4.285
LinuxLinux Kernel Version >= 5.5 < 5.10.227
LinuxLinux Kernel Version >= 5.11 < 5.15.168
LinuxLinux Kernel Version >= 5.16 < 6.1.112
LinuxLinux Kernel Version >= 6.2 < 6.6.53
LinuxLinux Kernel Version >= 6.7 < 6.10.12
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.24% 0.147
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/57a3d89831fcaa2cdbe024b47c7c36d5a56c3637
Patch
https://git.kernel.org/stable/c/af77c4fc1871847b528d58b7fdafb4aa1f6a9262
Patch
https://git.kernel.org/stable/c/c031d286eceb82f72f8623b7f4abd2aa491bfb5e
Patch
https://git.kernel.org/stable/c/c726dea9d0c806d64c26fcef483b1fb9474d8c5e
Patch
https://git.kernel.org/stable/c/cfb926051fab19b10d1e65976211f364aa820180
Patch
https://git.kernel.org/stable/c/e2b3d7a9d019d4d1a0da6c3ea64a1ff79c99c090
Patch
https://git.kernel.org/stable/c/e4ffea01adf3323c821b6f37e9577d2d400adbaa
Patch
https://git.kernel.org/stable/c/e8f9c4af7af7e9e4cd09c0251c7936593147419f
Patch
https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
https://cert-portal.siemens.com/productcert/html/ssa-265688.html