5.5
CVE-2024-41086
- EPSS 0.2%
- Veröffentlicht 29.07.2024 16:15:04
- Zuletzt bearbeitet 09.10.2025 18:00:35
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
bcachefs: Fix sb_field_downgrade validation
In the Linux kernel, the following vulnerability has been resolved: bcachefs: Fix sb_field_downgrade validation - bch2_sb_downgrade_validate() wasn't checking for a downgrade entry extending past the end of the superblock section - for_each_downgrade_entry() is used in to_text() and needs to work on malformed input; it also was missing a check for a field extending past the end of the section
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 6.7.1 < 6.9.8
Linux ≫ Linux Kernel Version6.7 Update-
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.2% | 0.094 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
https://git.kernel.org/stable/c/692aa7a54b2b28d59f24b3bf8250837805484b99
https://git.kernel.org/stable/c/bf920ed92ef24dcd6970c88881cd4700b3acf05b