CVE-2024-38381
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
nfc: nci: Fix uninit-value in nci_rx_work
syzbot reported the following uninit-value access issue [1]
nci_rx_work() parses received packet from ndev->rx_q. It should be validated header size, payload size and total packet size before processing the packet. If an invalid packet is detected, it should be silently discarded.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 11387b2effbb55f58dc2111ef4b4b896f2756240 < 406cfac9debd4a6d3dc5d9258ee086372a8c08b6 | affected |
| Linux | Linux | 03fe259649a551d336a7f20919b641ea100e3fff < 485ded868ed62ceb2acb3a459d7843fd71472619 | affected |
| Linux | Linux | 755e53bbc61bc1aff90eafa64c8c2464fd3dfa3c < f80b786ab0550d0020191a59077b2c7e069db2d1 | affected |
| Linux | Linux | ac68d9fa09e410fa3ed20fb721d56aa558695e16 < ad4d196d2008c7f413167f0a693feb4f0439d7fe | affected |
| Linux | Linux | b51ec7fc9f877ef869c01d3ea6f18f6a64e831a7 < e8c8e0d0d214c877fbad555df5b3ed558cd9b0c3 | affected |
| Linux | Linux | a946ebee45b09294c8b0b0e77410b763c4d2817a < e53a7f8afcbd2886f2a94c5d56757328109730ea | affected |
| Linux | Linux | d24b03535e5eb82e025219c2f632b485409c898f < 017ff397624930fd7ac7f1761f3c9d6a7100f68c | affected |
| Linux | Linux | d24b03535e5eb82e025219c2f632b485409c898f < e4a87abf588536d1cdfb128595e6e680af5cf3ed | affected |
| Linux | Linux | 8948e30de81faee87eeee01ef42a1f6008f5a83a | affected |
| Linux | Linux | 4.19.312 < 4.19.316 | affected |
| Linux | Linux | 5.4.274 < 5.4.278 | affected |
| Linux | Linux | 5.10.215 < 5.10.219 | affected |
| Linux | Linux | 5.15.154 < 5.15.161 | affected |
| Linux | Linux | 6.1.85 < 6.1.93 | affected |
| Linux | Linux | 6.6.26 < 6.6.33 | affected |
| Linux | Linux | 6.8.5 < 6.9 | affected |
| Linux | Linux | 6.9 | affected |
| Linux | Linux | 0 < 6.9 | unaffected |
| Linux | Linux | 4.19.316 <= 4.19.* | unaffected |
| Linux | Linux | 5.4.278 <= 5.4.* | unaffected |
| Linux | Linux | 5.10.219 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.161 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.93 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.33 <= 6.6.* | unaffected |
| Linux | Linux | 6.9.4 <= 6.9.* | unaffected |
| Linux | Linux | 6.10 <= * | unaffected |
Weaknesses
ADP Enrichment
CVE Program Container
Additional References
- https://git.kernel.org/stable/c/406cfac9debd4a6d3dc5d9258ee086372a8c08b6
- https://git.kernel.org/stable/c/485ded868ed62ceb2acb3a459d7843fd71472619
- https://git.kernel.org/stable/c/f80b786ab0550d0020191a59077b2c7e069db2d1
- https://git.kernel.org/stable/c/ad4d196d2008c7f413167f0a693feb4f0439d7fe
- https://git.kernel.org/stable/c/e8c8e0d0d214c877fbad555df5b3ed558cd9b0c3
- https://git.kernel.org/stable/c/e53a7f8afcbd2886f2a94c5d56757328109730ea
- https://git.kernel.org/stable/c/017ff397624930fd7ac7f1761f3c9d6a7100f68c
- https://git.kernel.org/stable/c/e4a87abf588536d1cdfb128595e6e680af5cf3ed
- https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
Additional References
- https://cert-portal.siemens.com/productcert/html/ssa-265688.html
- https://cert-portal.siemens.com/productcert/html/ssa-613116.html
References
- https://git.kernel.org/stable/c/406cfac9debd4a6d3dc5d9258ee086372a8c08b6
- https://git.kernel.org/stable/c/485ded868ed62ceb2acb3a459d7843fd71472619
- https://git.kernel.org/stable/c/f80b786ab0550d0020191a59077b2c7e069db2d1
- https://git.kernel.org/stable/c/ad4d196d2008c7f413167f0a693feb4f0439d7fe
- https://git.kernel.org/stable/c/e8c8e0d0d214c877fbad555df5b3ed558cd9b0c3
- https://git.kernel.org/stable/c/e53a7f8afcbd2886f2a94c5d56757328109730ea
- https://git.kernel.org/stable/c/017ff397624930fd7ac7f1761f3c9d6a7100f68c
- https://git.kernel.org/stable/c/e4a87abf588536d1cdfb128595e6e680af5cf3ed
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.