CVE-2024-36934
UNKNOWN
Published 2024-05-30T15:29:24.357Z
Actions:
Expert Analysis
Professional remediation guidance
Get tailored security recommendations from our analyst team for CVE-2024-36934. We'll provide specific mitigation strategies based on your environment and risk profile.
No CVSS data available
Description
In the Linux kernel, the following vulnerability has been resolved:
bna: ensure the copied buf is NUL terminated
Currently, we allocate a nbytes-sized kernel buffer and copy nbytes from
userspace to that buffer. Later, we use sscanf on this buffer but we don't
ensure that the string is terminated inside the buffer, this can lead to
OOB read when using sscanf. Fix this issue by using memdup_user_nul
instead of memdup_user.
Available Exploits
No exploits available for this CVE.
Related News
No news articles found for this CVE.
Affected Products
Affected Versions:
7afc5dbde09104b023ce04465ba71aaba0fc4346
7afc5dbde09104b023ce04465ba71aaba0fc4346
7afc5dbde09104b023ce04465ba71aaba0fc4346
7afc5dbde09104b023ce04465ba71aaba0fc4346
7afc5dbde09104b023ce04465ba71aaba0fc4346
7afc5dbde09104b023ce04465ba71aaba0fc4346
7afc5dbde09104b023ce04465ba71aaba0fc4346
7afc5dbde09104b023ce04465ba71aaba0fc4346
References
Published: 2024-05-30T15:29:24.357Z
Last Modified: 2025-05-04T09:12:22.995Z
Copied to clipboard!