CVE-2024-42284

In the Linux kernel, the following vulnerability has been resolved: tipc: Return non-zero value from tipc_udp_addr2str() on error tipc_udp_addr2str() should return non-zero value if the UDP media address is invalid. Otherwise, a buffer overflow access can occur in tipc_media_addr_printf(). Fix this by returning 1 on an invalid UDP media address.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

History

19 Aug 2024, 19:47

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.8
CWE CWE-754
First Time Linux linux Kernel
Linux
References () https://git.kernel.org/stable/c/253405541be2f15ffebdeac2f4cf4b7e9144d12f - () https://git.kernel.org/stable/c/253405541be2f15ffebdeac2f4cf4b7e9144d12f - Patch
References () https://git.kernel.org/stable/c/2abe350db1aa599eeebc6892237d0bce0f1de62a - () https://git.kernel.org/stable/c/2abe350db1aa599eeebc6892237d0bce0f1de62a - Patch
References () https://git.kernel.org/stable/c/5eea127675450583680c8170358bcba43227bd69 - () https://git.kernel.org/stable/c/5eea127675450583680c8170358bcba43227bd69 - Patch
References () https://git.kernel.org/stable/c/728734352743a78b4c5a7285b282127696a4a813 - () https://git.kernel.org/stable/c/728734352743a78b4c5a7285b282127696a4a813 - Patch
References () https://git.kernel.org/stable/c/76ddf84a52f0d8ec3f5db6ccce08faf202a17d28 - () https://git.kernel.org/stable/c/76ddf84a52f0d8ec3f5db6ccce08faf202a17d28 - Patch
References () https://git.kernel.org/stable/c/7ec3335dd89c8d169e9650e4bac64fde71fdf15b - () https://git.kernel.org/stable/c/7ec3335dd89c8d169e9650e4bac64fde71fdf15b - Patch
References () https://git.kernel.org/stable/c/aa38bf74899de07cf70b50cd17f8ad45fb6654c8 - () https://git.kernel.org/stable/c/aa38bf74899de07cf70b50cd17f8ad45fb6654c8 - Patch
References () https://git.kernel.org/stable/c/fa96c6baef1b5385e2f0c0677b32b3839e716076 - () https://git.kernel.org/stable/c/fa96c6baef1b5385e2f0c0677b32b3839e716076 - Patch
CPE cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

19 Aug 2024, 12:59

Type Values Removed Values Added
Summary
  • (es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: tipc: Devuelve un valor distinto de cero desde tipc_udp_addr2str() en caso de error tipc_udp_addr2str() debería devolver un valor distinto de cero si la dirección de medios UDP no es válida. De lo contrario, puede ocurrir un acceso de desbordamiento del búfer en tipc_media_addr_printf(). Solucione este problema devolviendo 1 en una dirección de medios UDP no válida.

19 Aug 2024, 05:15

Type Values Removed Values Added
References
  • () https://git.kernel.org/stable/c/253405541be2f15ffebdeac2f4cf4b7e9144d12f -
  • () https://git.kernel.org/stable/c/5eea127675450583680c8170358bcba43227bd69 -
  • () https://git.kernel.org/stable/c/7ec3335dd89c8d169e9650e4bac64fde71fdf15b -
  • () https://git.kernel.org/stable/c/aa38bf74899de07cf70b50cd17f8ad45fb6654c8 -

17 Aug 2024, 09:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-08-17 09:15

Updated : 2024-08-19 19:47


NVD link : CVE-2024-42284

Mitre link : CVE-2024-42284

CVE.ORG link : CVE-2024-42284


JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-754

Improper Check for Unusual or Exceptional Conditions