5.5
CVE-2024-46823
- EPSS 0.24%
- Veröffentlicht 27.09.2024 13:15:14
- Zuletzt bearbeitet 05.01.2026 11:17:09
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
kunit/overflow: Fix UB in overflow_allocation_test
In the Linux kernel, the following vulnerability has been resolved: kunit/overflow: Fix UB in overflow_allocation_test The 'device_name' array doesn't exist out of the 'overflow_allocation_test' function scope. However, it is being used as a driver name when calling 'kunit_driver_create' from 'kunit_device_register'. It produces the kernel panic with KASAN enabled. Since this variable is used in one place only, remove it and pass the device name into kunit_device_register directly as an ascii string.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version < 6.10.10
Linux ≫ Linux Kernel Version6.11 Updaterc1
Linux ≫ Linux Kernel Version6.11 Updaterc2
Linux ≫ Linux Kernel Version6.11 Updaterc3
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.24% | 0.146 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
https://git.kernel.org/stable/c/92e9bac18124682c4b99ede9ee3bcdd68f121e92
https://git.kernel.org/stable/c/d1207f07decc66546a7fa463d2f335a856c986ef
https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html