CVE-2024-36934
Severity CVSS v4.0:
Pending analysis
Type:
CWE-787
Out-of-bounds Write
Publication date:
30/05/2024
Last modified:
22/01/2026
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
bna: ensure the copied buf is NUL terminated<br />
<br />
Currently, we allocate a nbytes-sized kernel buffer and copy nbytes from<br />
userspace to that buffer. Later, we use sscanf on this buffer but we don&#39;t<br />
ensure that the string is terminated inside the buffer, this can lead to<br />
OOB read when using sscanf. Fix this issue by using memdup_user_nul<br />
instead of memdup_user.
Impact
Base Score 3.x
7.80
Severity 3.x
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 3.3 (including) | 4.19.314 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.20 (including) | 5.4.276 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.5 (including) | 5.10.217 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.11 (including) | 5.15.159 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.16 (including) | 6.1.91 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.2 (including) | 6.6.31 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7 (including) | 6.8.10 (excluding) |
| cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.9:rc3:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.9:rc4:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.9:rc5:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.9:rc6:*:*:*:*:*:* | ||
| cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/06cb37e2ba6441888f24566a997481d4197b4e32
- https://git.kernel.org/stable/c/0f560240b4cc25d3de527deb257cdf072c0102a9
- https://git.kernel.org/stable/c/1518b2b498a0109eb6b15755169d3b6607356b35
- https://git.kernel.org/stable/c/6f0f19b79c085cc891c418b768f26f7004bd51a4
- https://git.kernel.org/stable/c/80578ec10335bc15ac35fd1703c22aab34e39fdd
- https://git.kernel.org/stable/c/8c34096c7fdf272fd4c0c37fe411cd2e3ed0ee9f
- https://git.kernel.org/stable/c/bd502ba81cd1d515deddad7dbc6b812b14b97147
- https://git.kernel.org/stable/c/e19478763154674c084defc62ae0d64d79657f91
- https://git.kernel.org/stable/c/06cb37e2ba6441888f24566a997481d4197b4e32
- https://git.kernel.org/stable/c/0f560240b4cc25d3de527deb257cdf072c0102a9
- https://git.kernel.org/stable/c/1518b2b498a0109eb6b15755169d3b6607356b35
- https://git.kernel.org/stable/c/6f0f19b79c085cc891c418b768f26f7004bd51a4
- https://git.kernel.org/stable/c/80578ec10335bc15ac35fd1703c22aab34e39fdd
- https://git.kernel.org/stable/c/8c34096c7fdf272fd4c0c37fe411cd2e3ed0ee9f
- https://git.kernel.org/stable/c/bd502ba81cd1d515deddad7dbc6b812b14b97147
- https://git.kernel.org/stable/c/e19478763154674c084defc62ae0d64d79657f91
- https://lists.debian.org/debian-lts-announce/2024/06/msg00019.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
- https://security.netapp.com/advisory/ntap-20240912-0007/