7.8

CVE-2024-42284

tipc: Return non-zero value from tipc_udp_addr2str() on error

In the Linux kernel, the following vulnerability has been resolved:

tipc: Return non-zero value from tipc_udp_addr2str() on error

tipc_udp_addr2str() should return non-zero value if the UDP media
address is invalid. Otherwise, a buffer overflow access can occur in
tipc_media_addr_printf(). Fix this by returning 1 on an invalid UDP
media address.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.1 < 4.19.320
LinuxLinux Kernel Version >= 4.20 < 5.4.282
LinuxLinux Kernel Version >= 5.5 < 5.10.224
LinuxLinux Kernel Version >= 5.11 < 5.15.165
LinuxLinux Kernel Version >= 5.16 < 6.1.103
LinuxLinux Kernel Version >= 6.2 < 6.6.44
LinuxLinux Kernel Version >= 6.7 < 6.10.3
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.27% 0.182
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-754 Improper Check for Unusual or Exceptional Conditions

The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.

https://git.kernel.org/stable/c/253405541be2f15ffebdeac2f4cf4b7e9144d12f
Patch
https://git.kernel.org/stable/c/2abe350db1aa599eeebc6892237d0bce0f1de62a
Patch
https://git.kernel.org/stable/c/5eea127675450583680c8170358bcba43227bd69
Patch
https://git.kernel.org/stable/c/728734352743a78b4c5a7285b282127696a4a813
Patch
https://git.kernel.org/stable/c/76ddf84a52f0d8ec3f5db6ccce08faf202a17d28
Patch
https://git.kernel.org/stable/c/7ec3335dd89c8d169e9650e4bac64fde71fdf15b
Patch
https://git.kernel.org/stable/c/aa38bf74899de07cf70b50cd17f8ad45fb6654c8
Patch
https://git.kernel.org/stable/c/fa96c6baef1b5385e2f0c0677b32b3839e716076
Patch
https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html