5.5
CVE-2024-58017
- EPSS 0.22%
- Veröffentlicht 27.02.2025 03:15:12
- Zuletzt bearbeitet 12.05.2026 13:16:26
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX
In the Linux kernel, the following vulnerability has been resolved: printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX Shifting 1 << 31 on a 32-bit int causes signed integer overflow, which leads to undefined behavior. To prevent this, cast 1 to u32 before performing the shift, ensuring well-defined behavior. This change explicitly avoids any potential overflow by ensuring that the shift occurs on an unsigned 32-bit integer.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version < 6.1.129
Linux ≫ Linux Kernel Version >= 6.2 < 6.6.78
Linux ≫ Linux Kernel Version >= 6.7 < 6.12.14
Linux ≫ Linux Kernel Version >= 6.13 < 6.13.3
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.22% | 0.12 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-190 Integer Overflow or Wraparound
The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.
https://git.kernel.org/stable/c/3d6f83df8ff2d5de84b50377e4f0d45e25311c7a
https://git.kernel.org/stable/c/404e5fd918a0b14abec06c7eca128f04c9b98e41
https://git.kernel.org/stable/c/4a2c4e7265b8eed83c25d86d702cea06493cab18
https://git.kernel.org/stable/c/4acf6bab775dbd22a9a799030a808a7305e01d63
https://git.kernel.org/stable/c/9a6d43844de2479a3ff8d674c3e2a16172e01598
https://git.kernel.org/stable/c/54c14022fa2ba427dc543455c2cf9225903a7174
https://git.kernel.org/stable/c/bb8ff054e19fe27f4e5eaac1b05e462894cfe9b1
https://git.kernel.org/stable/c/dfb7b179741ee09506dc7719d92f9e1cea01f10e
https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html
https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html
https://cert-portal.siemens.com/productcert/html/ssa-265688.html