7.8
CVE-2024-41028
- EPSS 0.02%
- Published 29.07.2024 15:15:11
- Last modified 03.11.2025 22:17:24
- Source 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Open
LoginIn the Linux kernel, the following vulnerability has been resolved: platform/x86: toshiba_acpi: Fix array out-of-bounds access In order to use toshiba_dmi_quirks[] together with the standard DMI matching functions, it must be terminated by a empty entry. Since this entry is missing, an array out-of-bounds access occurs every time the quirk list is processed. Fix this by adding the terminating empty entry.
Data is provided by the National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 6.1 < 6.1.100
Linux ≫ Linux Kernel Version >= 6.2 < 6.6.41
Linux ≫ Linux Kernel Version >= 6.7 < 6.9.10
Linux ≫ Linux Kernel Version6.10 Updaterc1
Linux ≫ Linux Kernel Version6.10 Updaterc2
Linux ≫ Linux Kernel Version6.10 Updaterc3
Linux ≫ Linux Kernel Version6.10 Updaterc4
Linux ≫ Linux Kernel Version6.10 Updaterc5
Linux ≫ Linux Kernel Version6.10 Updaterc6
Linux ≫ Linux Kernel Version6.10 Updaterc7
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.02% | 0.029 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-129 Improper Validation of Array Index
The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.