Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2024-50259

UNKNOWN
Published 2024-11-09T10:15:12.251Z
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2024-50259. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

In the Linux kernel, the following vulnerability has been resolved:

netdevsim: Add trailing zero to terminate the string in nsim_nexthop_bucket_activity_write()

This was found by a static analyzer.
We should not forget the trailing zero after copy_from_user()
if we will further do some string operations, sscanf() in this
case. Adding a trailing zero will ensure that the function
performs properly.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Linux

Linux

Affected Versions:

c6385c0b67c527b298111775bc89a7407ba1581e c6385c0b67c527b298111775bc89a7407ba1581e c6385c0b67c527b298111775bc89a7407ba1581e c6385c0b67c527b298111775bc89a7407ba1581e c6385c0b67c527b298111775bc89a7407ba1581e
Linux

Linux

Affected Versions:

5.13 0 5.15.171 6.1.116 6.6.60 6.11.7 6.12

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed MODERATE

GHSA-gc72-pc9p-m8wc

Advisory Details

In the Linux kernel, the following vulnerability has been resolved: netdevsim: Add trailing zero to terminate the string in nsim_nexthop_bucket_activity_write() This was found by a static analyzer. We should not forget the trailing zero after copy_from_user() if we will further do some string operations, sscanf() in this case. Adding a trailing zero will ensure that the function performs properly.

CVSS Scoring

CVSS Score

5.0

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2024-50259
WEB https://git.kernel.org/stable/c/27bd7a742e171362c9eb52ad5d1d71d3321f949f
WEB https://git.kernel.org/stable/c/4ce1f56a1eaced2523329bef800d004e30f2f76c
WEB https://git.kernel.org/stable/c/6a604877160fe5ab2e1985d5ce1ba6a61abe0693
WEB https://git.kernel.org/stable/c/bcba86e03b3aac361ea671672cf48eed11f9011c
WEB https://git.kernel.org/stable/c/c2150f666c6fc301d5d1643ed0f92251f1a0ff0d

Advisory provided by GitHub Security Advisory Database. Published: November 9, 2024, Modified: November 14, 2024

References

https://git.kernel.org/stable/c/c2150f666c6fc301d5d1643ed0f92251f1a0ff0d
https://git.kernel.org/stable/c/bcba86e03b3aac361ea671672cf48eed11f9011c
https://git.kernel.org/stable/c/6a604877160fe5ab2e1985d5ce1ba6a61abe0693
https://git.kernel.org/stable/c/27bd7a742e171362c9eb52ad5d1d71d3321f949f
https://git.kernel.org/stable/c/4ce1f56a1eaced2523329bef800d004e30f2f76c
Published: 2024-11-09T10:15:12.251Z
Last Modified: 2025-05-04T09:50:07.192Z
Copied to clipboard!