CVE-2024-50248

EPSS 0.04%
Published 09.11.2024 11:15:10
Last modified 03.11.2025 21:17:11
Source 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Open
Login

In the Linux kernel, the following vulnerability has been resolved:

ntfs3: Add bounds checking to mi_enum_attr()

Added bounds checking to make sure that every attr don't stray beyond
valid memory region.

Affected products Warnungen 0 Metrics 2 CWE 1 References 8

Data is provided by the National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version < 6.6.60

Linux ≫ Linux Kernel Version >= 6.7 < 6.11.7

Linux ≫ Linux Kernel Version6.12 Updaterc1

Linux ≫ Linux Kernel Version6.12 Updaterc2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.04%	0.104

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

https://git.kernel.org/stable/c/22cdf3be7d34f61a91b9e2966fec3a29f3871398

Patch

https://git.kernel.org/stable/c/386613a44b858304a88529ade2ccc1e079a5fc56

https://git.kernel.org/stable/c/556bdf27c2dd5c74a9caacbe524b943a6cd42d99

Patch

https://git.kernel.org/stable/c/809f9b419c75f8042c58434d2bfe849140643e9d

Patch

https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html

https://nvd.nist.gov/vuln/detail/CVE-2024-50248

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-50248

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-50248

EUVD