In the Linux kernel, the following vulnerability has been resolved:
wifi: nl80211: Avoid address calculations via out of bounds array indexing
Before request->channels[] can be used, request->n_channels must be set.
Additionally, address calculations for memory after the "channels" array
need to be calculated from the allocation base ("request") rather than
via the first "out of bounds" index of "channels", otherwise run-time
bounds checking will throw a warning.
References
Configurations
Configuration 1 (hide)
|
History
30 Aug 2024, 12:47
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-129 | |
CPE | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | |
First Time |
Linux linux Kernel
Linux |
|
References | () https://git.kernel.org/stable/c/4e2a5566462b53db7d4c4722da86eedf0b8f546c - Patch | |
References | () https://git.kernel.org/stable/c/838c7b8f1f278404d9d684c34a8cb26dc41aaaa1 - Patch | |
References | () https://git.kernel.org/stable/c/8fa4d56564ee7cc2ee348258d88efe191d70dd7f - Patch | |
References | () https://git.kernel.org/stable/c/ed74398642fcb19f6ff385c35a7d512c6663e17b - Patch | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
20 Jun 2024, 12:44
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
19 Jun 2024, 14:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-06-19 14:15
Updated : 2024-10-30 20:35
NVD link : CVE-2024-38562
Mitre link : CVE-2024-38562
CVE.ORG link : CVE-2024-38562
JSON object : View
Products Affected
linux
- linux_kernel
CWE
CWE-129
Improper Validation of Array Index