CVE-2024-45021

Summary

In the Linux kernel, the following vulnerability has been resolved:

memcg_write_event_control(): fix a user-triggerable oops

we are not guaranteed that anything past the terminating NUL is mapped (let alone initialized with anything sane).

Affected Software

VendorProductVersion RangeStatus
LinuxLinux0dea116876eefc9c7ca9c5d74fe665481e499fa3 < fa5bfdf6cb5846a00e712d630a43e3cf55ccb411affected
LinuxLinux0dea116876eefc9c7ca9c5d74fe665481e499fa3 < 1b37ec85ad95b612307627758c6018cd9d92cca8affected
LinuxLinux0dea116876eefc9c7ca9c5d74fe665481e499fa3 < ad149f5585345e383baa65f1539d816cd715fd3baffected
LinuxLinux0dea116876eefc9c7ca9c5d74fe665481e499fa3 < 0fbe2a72e853a1052abe9bc2b7df8ddb102da227affected
LinuxLinux0dea116876eefc9c7ca9c5d74fe665481e499fa3 < 43768fa80fd192558737e24ed6548f74554611d7affected
LinuxLinux0dea116876eefc9c7ca9c5d74fe665481e499fa3 < f1aa7c509aa766080db7ab3aec2e31b1df09e57caffected
LinuxLinux0dea116876eefc9c7ca9c5d74fe665481e499fa3 < 21b578f1d599edb87462f11113c5b0fc7a04ac61affected
LinuxLinux0dea116876eefc9c7ca9c5d74fe665481e499fa3 < 046667c4d3196938e992fba0dfcde570aa85cd0eaffected
LinuxLinux2.6.34affected
LinuxLinux0 < 2.6.34unaffected
LinuxLinux4.19.321 <= 4.19.*unaffected
LinuxLinux5.4.283 <= 5.4.*unaffected
LinuxLinux5.10.225 <= 5.10.*unaffected
LinuxLinux5.15.166 <= 5.15.*unaffected
LinuxLinux6.1.107 <= 6.1.*unaffected
LinuxLinux6.6.48 <= 6.6.*unaffected
LinuxLinux6.10.7 <= 6.10.*unaffected
LinuxLinux6.11 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References