7.1
CVE-2024-53162
- EPSS 0.25%
- Veröffentlicht 24.12.2024 12:15:24
- Zuletzt bearbeitet 01.10.2025 21:16:38
- CVE-Watchlists
- Unerledigt
crypto: qat/qat_4xxx - fix off by one in uof_get_name()
In the Linux kernel, the following vulnerability has been resolved: crypto: qat/qat_4xxx - fix off by one in uof_get_name() The fw_objs[] array has "num_objs" elements so the > needs to be >= to prevent an out of bounds read.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 6.5 < 6.6.64
Linux ≫ Linux Kernel Version >= 6.7 < 6.11.11
Linux ≫ Linux Kernel Version >= 6.12 < 6.12.2
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.25% | 0.163 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.1 | 1.8 | 5.2 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.1 | 1.8 | 5.2 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
|
CWE-125 Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.
https://git.kernel.org/stable/c/05c9a7a5344425860202a8f3efea4d8ed2d10edb
https://git.kernel.org/stable/c/475b5098043eef6e72751aadeab687992a5b63d1
https://git.kernel.org/stable/c/700852528fc5295897d6089eea0656d67f9b9d88
https://git.kernel.org/stable/c/e69d2845aaa080960f38761f78fd25aa856620c6