CVE-2024-41721

Summary

An insufficient boundary validation in the USB code could lead to an out-of-bounds read on the heap, which could potentially lead to an arbitrary write and remote code execution.

Affected Software

VendorProductVersion RangeStatus
FreeBSDFreeBSD14.1-RELEASE < p5affected
FreeBSDFreeBSD14.0-RELEASE < p11affected
FreeBSDFreeBSD13.4-RELEASE < p1affected
FreeBSDFreeBSD13.3-RELEASE < p7affected

Weaknesses

  • CWE-125: CWE-125: Out-of-bounds Read

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References