CVE-2024-50180

In the Linux kernel, the following vulnerability has been resolved: fbdev: sisfb: Fix strbuf array overflow The values of the variables xres and yres are placed in strbuf. These variables are obtained from strbuf1. The strbuf1 array contains digit characters and a space if the array contains non-digit characters. Then, when executing sprintf(strbuf, "%ux%ux8", xres, yres); more than 16 bytes will be written to strbuf. It is suggested to increase the size of the strbuf array to 24. Found by Linux Verification Center (linuxtesting.org) with SVACE.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

History

29 Nov 2024, 20:35

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.8
First Time Linux linux Kernel
Linux
CPE cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
CWE CWE-787
References () https://git.kernel.org/stable/c/11c0d49093b82f6c547fd419c41a982d26bdf5ef - () https://git.kernel.org/stable/c/11c0d49093b82f6c547fd419c41a982d26bdf5ef - Patch
References () https://git.kernel.org/stable/c/252f147b1826cbb30ae0304cf86b66d3bb12b743 - () https://git.kernel.org/stable/c/252f147b1826cbb30ae0304cf86b66d3bb12b743 - Patch
References () https://git.kernel.org/stable/c/41cf6f26abe4f491b694c54bd1aa2530369b7510 - () https://git.kernel.org/stable/c/41cf6f26abe4f491b694c54bd1aa2530369b7510 - Patch
References () https://git.kernel.org/stable/c/433c84c8495008922534c5cafdae6ff970fb3241 - () https://git.kernel.org/stable/c/433c84c8495008922534c5cafdae6ff970fb3241 - Patch
References () https://git.kernel.org/stable/c/57c4f4db0a194416da237fd09dad9527e00cb587 - () https://git.kernel.org/stable/c/57c4f4db0a194416da237fd09dad9527e00cb587 - Patch
References () https://git.kernel.org/stable/c/688872c4ea4a528cd6a057d545c83506b533ee1f - () https://git.kernel.org/stable/c/688872c4ea4a528cd6a057d545c83506b533ee1f - Patch
References () https://git.kernel.org/stable/c/889304120ecb2ca30674d89cd4ef15990b6a571c - () https://git.kernel.org/stable/c/889304120ecb2ca30674d89cd4ef15990b6a571c - Patch
References () https://git.kernel.org/stable/c/9cf14f5a2746c19455ce9cb44341b5527b5e19c3 - () https://git.kernel.org/stable/c/9cf14f5a2746c19455ce9cb44341b5527b5e19c3 - Patch

08 Nov 2024, 16:15

Type Values Removed Values Added
References
  • () https://git.kernel.org/stable/c/433c84c8495008922534c5cafdae6ff970fb3241 -
  • () https://git.kernel.org/stable/c/57c4f4db0a194416da237fd09dad9527e00cb587 -
Summary
  • (es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: fbdev: sisfb: Fix strbuf array overflow Los valores de las variables xres e yres se colocan en strbuf. Estas variables se obtienen de strbuf1. La matriz strbuf1 contiene caracteres numéricos y un espacio si la matriz contiene caracteres que no son dígitos. Luego, al ejecutar sprintf(strbuf, "%ux%ux8", xres, yres); se escribirán más de 16 bytes en strbuf. Se sugiere aumentar el tamaño de la matriz strbuf a 24. Encontrado por Linux Verification Center (linuxtesting.org) con SVACE.

08 Nov 2024, 06:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-11-08 06:15

Updated : 2024-11-29 20:35


NVD link : CVE-2024-50180

Mitre link : CVE-2024-50180

CVE.ORG link : CVE-2024-50180


JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-787

Out-of-bounds Write