CVE-2024-42284

EPSS 0.01%
Published 17.08.2024 09:15:09
Last modified 03.11.2025 22:17:54
Source 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Open
Login

In the Linux kernel, the following vulnerability has been resolved:

tipc: Return non-zero value from tipc_udp_addr2str() on error

tipc_udp_addr2str() should return non-zero value if the UDP media
address is invalid. Otherwise, a buffer overflow access can occur in
tipc_media_addr_printf(). Fix this by returning 1 on an invalid UDP
media address.

Affected products Warnungen 0 Metrics 2 CWE 1 References 13

Data is provided by the National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 4.1 < 4.19.320

Linux ≫ Linux Kernel Version >= 4.20 < 5.4.282

Linux ≫ Linux Kernel Version >= 5.5 < 5.10.224

Linux ≫ Linux Kernel Version >= 5.11 < 5.15.165

Linux ≫ Linux Kernel Version >= 5.16 < 6.1.103

Linux ≫ Linux Kernel Version >= 6.2 < 6.6.44

Linux ≫ Linux Kernel Version >= 6.7 < 6.10.3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.01%	0.01

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-754 Improper Check for Unusual or Exceptional Conditions

The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.

https://git.kernel.org/stable/c/253405541be2f15ffebdeac2f4cf4b7e9144d12f

Patch

https://git.kernel.org/stable/c/2abe350db1aa599eeebc6892237d0bce0f1de62a

Patch

https://git.kernel.org/stable/c/5eea127675450583680c8170358bcba43227bd69

Patch

https://git.kernel.org/stable/c/728734352743a78b4c5a7285b282127696a4a813

Patch

https://git.kernel.org/stable/c/76ddf84a52f0d8ec3f5db6ccce08faf202a17d28

Patch

https://git.kernel.org/stable/c/7ec3335dd89c8d169e9650e4bac64fde71fdf15b

Patch