CVE-2024-42284

Summary

In the Linux kernel, the following vulnerability has been resolved:

tipc: Return non-zero value from tipc_udp_addr2str() on error

tipc_udp_addr2str() should return non-zero value if the UDP media address is invalid. Otherwise, a buffer overflow access can occur in tipc_media_addr_printf(). Fix this by returning 1 on an invalid UDP media address.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxd0f91938bede204a343473792529e0db7d599836 < 7ec3335dd89c8d169e9650e4bac64fde71fdf15baffected
LinuxLinuxd0f91938bede204a343473792529e0db7d599836 < 253405541be2f15ffebdeac2f4cf4b7e9144d12faffected
LinuxLinuxd0f91938bede204a343473792529e0db7d599836 < aa38bf74899de07cf70b50cd17f8ad45fb6654c8affected
LinuxLinuxd0f91938bede204a343473792529e0db7d599836 < 5eea127675450583680c8170358bcba43227bd69affected
LinuxLinuxd0f91938bede204a343473792529e0db7d599836 < 728734352743a78b4c5a7285b282127696a4a813affected
LinuxLinuxd0f91938bede204a343473792529e0db7d599836 < 76ddf84a52f0d8ec3f5db6ccce08faf202a17d28affected
LinuxLinuxd0f91938bede204a343473792529e0db7d599836 < 2abe350db1aa599eeebc6892237d0bce0f1de62aaffected
LinuxLinuxd0f91938bede204a343473792529e0db7d599836 < fa96c6baef1b5385e2f0c0677b32b3839e716076affected
LinuxLinux4.1affected
LinuxLinux0 < 4.1unaffected
LinuxLinux4.19.320 <= 4.19.*unaffected
LinuxLinux5.4.282 <= 5.4.*unaffected
LinuxLinux5.10.224 <= 5.10.*unaffected
LinuxLinux5.15.165 <= 5.15.*unaffected
LinuxLinux6.1.103 <= 6.1.*unaffected
LinuxLinux6.6.44 <= 6.6.*unaffected
LinuxLinux6.10.3 <= 6.10.*unaffected
LinuxLinux6.11 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References