7.8
CVE-2024-56596
- EPSS 0.23%
- Veröffentlicht 27.12.2024 15:15:18
- Zuletzt bearbeitet 03.11.2025 21:18:02
- CVE-Watchlists
- Unerledigt
jfs: fix array-index-out-of-bounds in jfs_readdir
In the Linux kernel, the following vulnerability has been resolved: jfs: fix array-index-out-of-bounds in jfs_readdir The stbl might contain some invalid values. Added a check to return error code in that case.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version < 5.4.287
Linux ≫ Linux Kernel Version >= 5.5 < 5.10.231
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.174
Linux ≫ Linux Kernel Version >= 5.16 < 6.1.120
Linux ≫ Linux Kernel Version >= 6.2 < 6.6.66
Linux ≫ Linux Kernel Version >= 6.7 < 6.12.5
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.23% | 0.136 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-129 Improper Validation of Array Index
The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.
https://git.kernel.org/stable/c/839f102efb168f02dfdd46717b7c6dddb26b015e
https://git.kernel.org/stable/c/8ff7579554571d92e3deab168f5a7d7b146ed368
https://git.kernel.org/stable/c/97e693593162eef6851d232f0c8148169ed46a5c
https://git.kernel.org/stable/c/9efe72eefd4c4a7ce63b3e4d667d766d2b360cb4
https://git.kernel.org/stable/c/b62f41aeec9d250144c53875b507c1d45ae8c8fc
https://git.kernel.org/stable/c/e7d376f94f72b020f84e77278b150ec1cc27502c
https://git.kernel.org/stable/c/ff9fc48fab0e1ea0d423c23c99b91bba178f0b05
https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html
https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html