CVE-2024-58016

Summary

In the Linux kernel, the following vulnerability has been resolved:

safesetid: check size of policy writes

syzbot attempts to write a buffer with a large size to a sysfs entry with writes handled by handle_policy_update(), triggering a warning in kmalloc.

Check the size specified for write buffers before allocating.

[PM: subject tweak]

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxaeca4e2ca65c1aeacfbe520684e6421719d99417 < 976284b94f2021df09829e37a367e19b84d9e5f3affected
LinuxLinuxaeca4e2ca65c1aeacfbe520684e6421719d99417 < ecf6a4a558097920447a6fb84dfdb279e2ac749aaffected
LinuxLinuxaeca4e2ca65c1aeacfbe520684e6421719d99417 < a0dec65f88c8d9290dfa1d2ca1e897abe54c5881affected
LinuxLinuxaeca4e2ca65c1aeacfbe520684e6421719d99417 < 96fae5bd1589731592d30b3953a90a77ef3928a6affected
LinuxLinuxaeca4e2ca65c1aeacfbe520684e6421719d99417 < 36b385d0f2b4c0bf41d491e19075ecd990d2bf94affected
LinuxLinuxaeca4e2ca65c1aeacfbe520684e6421719d99417 < c71d35676d46090c891b6419f253fb92a1a9f4ebaffected
LinuxLinuxaeca4e2ca65c1aeacfbe520684e6421719d99417 < f09ff307c7299392f1c88f763299e24bc99811c7affected
LinuxLinux5.1affected
LinuxLinux0 < 5.1unaffected
LinuxLinux5.10.235 <= 5.10.*unaffected
LinuxLinux5.15.179 <= 5.15.*unaffected
LinuxLinux6.1.129 <= 6.1.*unaffected
LinuxLinux6.6.78 <= 6.6.*unaffected
LinuxLinux6.12.14 <= 6.12.*unaffected
LinuxLinux6.13.3 <= 6.13.*unaffected
LinuxLinux6.14 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

Additional References

References