CVE-2024-41018

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add a check for attr_names and oatbl Added out-of-bound checking for *ane (ATTR_NAME_ENTRY).

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/702d4930eb06dcfda85a2fa67e8a1a27bfa2a845	Patch
https://git.kernel.org/stable/c/9b71f820f7168f1eab8378c80c7ea8a022a475bc	Patch
https://git.kernel.org/stable/c/c114d2b88f8b226d4b2acf5a1ba0412cde6c31dd	Patch
https://git.kernel.org/stable/c/f3124d51e4e7b56a732419d8dc270e807252334f	Patch
https://git.kernel.org/stable/c/702d4930eb06dcfda85a2fa67e8a1a27bfa2a845	Patch
https://git.kernel.org/stable/c/9b71f820f7168f1eab8378c80c7ea8a022a475bc	Patch
https://git.kernel.org/stable/c/c114d2b88f8b226d4b2acf5a1ba0412cde6c31dd	Patch
https://git.kernel.org/stable/c/f3124d51e4e7b56a732419d8dc270e807252334f	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.8:-::::::
	cpe:2.3:o:linux:linux_kernel:6.8:rc4::::::
	cpe:2.3:o:linux:linux_kernel:6.8:rc5::::::
	cpe:2.3:o:linux:linux_kernel:6.8:rc6::::::
	cpe:2.3:o:linux:linux_kernel:6.8:rc7::::::

History

07 Oct 2025, 19:29

Type	Values Removed	Values Added
First Time		Linux linux Kernel Linux
CPE		cpe:2.3:o:linux:linux_kernel:6.8:rc4:::::: cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:6.8:rc7:::::: cpe:2.3:o:linux:linux_kernel:6.8:rc6:::::: cpe:2.3:o:linux:linux_kernel:6.8:rc5:::::: cpe:2.3:o:linux:linux_kernel:6.8:-::::::
References	~~() https://git.kernel.org/stable/c/702d4930eb06dcfda85a2fa67e8a1a27bfa2a845 -~~	() https://git.kernel.org/stable/c/702d4930eb06dcfda85a2fa67e8a1a27bfa2a845 - Patch
References	~~() https://git.kernel.org/stable/c/9b71f820f7168f1eab8378c80c7ea8a022a475bc -~~	() https://git.kernel.org/stable/c/9b71f820f7168f1eab8378c80c7ea8a022a475bc - Patch
References	~~() https://git.kernel.org/stable/c/c114d2b88f8b226d4b2acf5a1ba0412cde6c31dd -~~	() https://git.kernel.org/stable/c/c114d2b88f8b226d4b2acf5a1ba0412cde6c31dd - Patch
References	~~() https://git.kernel.org/stable/c/f3124d51e4e7b56a732419d8dc270e807252334f -~~	() https://git.kernel.org/stable/c/f3124d51e4e7b56a732419d8dc270e807252334f - Patch
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
CWE		NVD-CWE-noinfo

21 Nov 2024, 09:32

Type	Values Removed	Values Added
References	~~() https://git.kernel.org/stable/c/702d4930eb06dcfda85a2fa67e8a1a27bfa2a845 -~~	() https://git.kernel.org/stable/c/702d4930eb06dcfda85a2fa67e8a1a27bfa2a845 -
References	~~() https://git.kernel.org/stable/c/9b71f820f7168f1eab8378c80c7ea8a022a475bc -~~	() https://git.kernel.org/stable/c/9b71f820f7168f1eab8378c80c7ea8a022a475bc -
References	~~() https://git.kernel.org/stable/c/c114d2b88f8b226d4b2acf5a1ba0412cde6c31dd -~~	() https://git.kernel.org/stable/c/c114d2b88f8b226d4b2acf5a1ba0412cde6c31dd -
References	~~() https://git.kernel.org/stable/c/f3124d51e4e7b56a732419d8dc270e807252334f -~~	() https://git.kernel.org/stable/c/f3124d51e4e7b56a732419d8dc270e807252334f -

29 Jul 2024, 14:12

Type	Values Removed	Values Added
Summary		(es) En el kernel de Linux, se resolvió la siguiente vulnerabilidad: fs/ntfs3: agregue una verificación para attr_names y oatbl. Se agregó una verificación fuera de los límites para *ane (ATTR_NAME_ENTRY).

29 Jul 2024, 07:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-07-29 07:15

Updated : 2025-10-07 19:29

NVD link : CVE-2024-41018

Mitre link : CVE-2024-41018

CVE.ORG link : CVE-2024-41018

JSON object : View

Products Affected

linux

linux_kernel

CWE

NVD-CWE-noinfo

5.5 /10