CVE-2024-57983

EPSS 0.05%
Veröffentlicht 27.02.2025 02:15:11
Zuletzt bearbeitet 01.10.2025 20:18:08
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

mailbox: th1520: Fix memory corruption due to incorrect array size

The functions th1520_mbox_suspend_noirq and th1520_mbox_resume_noirq are
intended to save and restore the interrupt mask registers in the MBOX
ICU0. However, the array used to store these registers was incorrectly
sized, leading to memory corruption when accessing all four registers.

This commit corrects the array size to accommodate all four interrupt
mask registers, preventing memory corruption during suspend and resume
operations.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 6.13 < 6.13.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.05%	0.143

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://git.kernel.org/stable/c/2cd12c7fba59f30369e8647a2b726c7280903304

Patch

Mailing List

https://git.kernel.org/stable/c/db049866943a38bf46a34fa120d526663339d7a5

Patch

Mailing List

https://nvd.nist.gov/vuln/detail/CVE-2024-57983

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-57983

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-57983

EUVD