7.8

CVE-2024-43858

jfs: Fix array-index-out-of-bounds in diFree

In the Linux kernel, the following vulnerability has been resolved:

jfs: Fix array-index-out-of-bounds in diFree
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 2.6.12 < 4.19.320
LinuxLinux Kernel Version >= 4.20 < 5.4.282
LinuxLinux Kernel Version >= 5.5 < 5.10.224
LinuxLinux Kernel Version >= 5.11 < 5.15.165
LinuxLinux Kernel Version >= 5.16 < 6.1.103
LinuxLinux Kernel Version >= 6.2 < 6.6.44
LinuxLinux Kernel Version >= 6.7 < 6.10.3
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.23% 0.14
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-129 Improper Validation of Array Index

The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.

https://git.kernel.org/stable/c/538a27c8048f081a5ddd286f886eb986fbbc7f80
Patch
https://git.kernel.org/stable/c/55b732c8b09b41148eaab2fa8e31b0af47671e00
Patch
https://git.kernel.org/stable/c/63f7fdf733add82f126ea00e2e48f6eba15ac4b9
Patch
https://git.kernel.org/stable/c/6aa6892a90a5a7fabffe5692ab9f06a7a46c6e42
Patch
https://git.kernel.org/stable/c/8d8f9a477de0d7962342eedf2a599215b7c63d28
Patch
https://git.kernel.org/stable/c/9b3a4345957f5372041bc4f59de322f62653e862
Patch
https://git.kernel.org/stable/c/f73f969b2eb39ad8056f6c7f3a295fa2f85e313a
Patch
https://git.kernel.org/stable/c/ff14eadc278663cac69d57d3ca7fb2f394e1f8a7
Patch
https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
https://cert-portal.siemens.com/productcert/html/ssa-265688.html