CVE-2024-41028

UNKNOWN

Published 2024-07-29T14:31:44.704Z

Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2024-41028. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

In the Linux kernel, the following vulnerability has been resolved:

platform/x86: toshiba_acpi: Fix array out-of-bounds access

In order to use toshiba_dmi_quirks[] together with the standard DMI
matching functions, it must be terminated by a empty entry.

Since this entry is missing, an array out-of-bounds access occurs
every time the quirk list is processed.

Fix this by adding the terminating empty entry.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Linux

Affected Versions:

3cb1f40dfdc3b9f5449076c96b4e2523139f5cd0 3cb1f40dfdc3b9f5449076c96b4e2523139f5cd0 3cb1f40dfdc3b9f5449076c96b4e2523139f5cd0 3cb1f40dfdc3b9f5449076c96b4e2523139f5cd0

Linux

Affected Versions:

6.1 0 6.1.100 6.6.41 6.9.10 6.10

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed HIGH

GHSA-w7f6-93r9-8m94

Advisory Details

In the Linux kernel, the following vulnerability has been resolved: platform/x86: toshiba_acpi: Fix array out-of-bounds access In order to use toshiba_dmi_quirks[] together with the standard DMI matching functions, it must be terminated by a empty entry. Since this entry is missing, an array out-of-bounds access occurs every time the quirk list is processed. Fix this by adding the terminating empty entry.

CVSS Scoring

CVSS Score

7.5

CVSS Vector


                                    CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2024-41028

WEB https://git.kernel.org/stable/c/0d71da43d6b7916d36cf1953d793da80433c50bf

WEB https://git.kernel.org/stable/c/639868f1cb87b683cf830353bbee0c4078202313

WEB https://git.kernel.org/stable/c/b6e02c6b0377d4339986e07aeb696c632cd392aa

WEB https://git.kernel.org/stable/c/e030aa6c972641cb069086a8c7a0f747653e472a

Advisory provided by GitHub Security Advisory Database. Published: July 29, 2024, Modified: March 6, 2025

References

https://git.kernel.org/stable/c/e030aa6c972641cb069086a8c7a0f747653e472a

https://git.kernel.org/stable/c/639868f1cb87b683cf830353bbee0c4078202313

https://git.kernel.org/stable/c/0d71da43d6b7916d36cf1953d793da80433c50bf

https://git.kernel.org/stable/c/b6e02c6b0377d4339986e07aeb696c632cd392aa

Published: 2024-07-29T14:31:44.704Z

Last Modified: 2025-05-04T09:20:25.698Z

Copied to clipboard!

CVE-2024-41028

Expert Analysis

Description

Available Exploits

Related News

Affected Products

Linux

Affected Versions:

Linux

Affected Versions:

GitHub Security Advisories

Advisory Details

CVSS Scoring

CVSS Score

CVSS Vector

References

References

Request Analysis

What to expect

Request Received!