CVE-2024-50131

{"id": "CVE-2024-50131", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2024-11-05T18:15:15.917", "references": [{"url": "https://git.kernel.org/stable/c/02874ca52df2ca2423ba6122039315ed61c25972", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/0b6e2e22cb23105fcb171ab92f0f7516c69c8471", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/5e3231b352725ff4a3a0095e6035af674f2d8725", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/5fd942598ddeed9a212d1ff41f9f5b47bcc990a7", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/a14a075a14af8d622c576145455702591bdde09d", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/b86b0d6eea204116e4185acc35041ca4ff11a642", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/f4ed40d1c669bba1a54407d8182acdc405683f29", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-120"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Consider the NULL character when validating the event length\n\nstrlen() returns a string length excluding the null byte. If the string\nlength equals to the maximum buffer length, the buffer will have no\nspace for the NULL terminating character.\n\nThis commit checks this condition and returns failure for it."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: rastreo: considerar el car\u00e1cter NULL al validar la longitud del evento strlen() devuelve una longitud de cadena que excluye el byte nulo. Si la longitud de la cadena es igual a la longitud m\u00e1xima del b\u00fafer, el b\u00fafer no tendr\u00e1 espacio para el car\u00e1cter de terminaci\u00f3n NULL. Esta confirmaci\u00f3n verifica esta condici\u00f3n y devuelve un error."}], "lastModified": "2024-11-08T16:15:47.497", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "43F0C645-25E2-4977-90D1-68667F711484", "versionEndExcluding": "5.15.170", "versionStartIncluding": "5.1"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C08A77A6-E42E-4EFD-B5A1-2BF6CBBB42AE", "versionEndExcluding": "6.1.115", "versionStartIncluding": "5.16"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5D15CA59-D15C-4ACD-8B03-A072DEAD2081", "versionEndExcluding": "6.6.59", "versionStartIncluding": "6.2"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E4486B12-007B-4794-9857-F07145637AA1", "versionEndExcluding": "6.11.6", "versionStartIncluding": "6.7"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3C95E234-D335-4B6C-96BF-E2CEBD8654ED"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E0F717D8-3014-4F84-8086-0124B2111379"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}