Back to search
CVE-2024-36957
Published: May 30, 2024
Modified: May 23, 2026
PUBLISHED
Description
In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: avoid off-by-one read from userspace We try to access count + 1 byte from userspace with memdup_user(buffer, count + 1). However, the userspace only provides buffer of count bytes and only these count bytes are verified to be okay to access. To ensure the copied buffer is NUL terminated, we use memdup_user_nul instead.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected dae49384d0d7695540e2d75168f323cef1384810 - < bcdac70adceb44373da204c3c297f2a98e13216eaffected 3a2eb515d1367c0f667b76089a6e727279c688b8 - < ec697fbd38cbe2eef0948b58673b146caa95402faffected 3a2eb515d1367c0f667b76089a6e727279c688b8 - < 8f11fe3ea3fc261640cfc8a5addd838000407c67affected 3a2eb515d1367c0f667b76089a6e727279c688b8 - < 0a0285cee11c7dcc2657bcd456e469958a5009e7affected 3a2eb515d1367c0f667b76089a6e727279c688b8 - < fc3e0076c1f82fe981d321e3a7bad4cbee542c19+4 more versions |
Linux | Linux | affected 5.12unaffected 0 - < 5.12unaffected 5.10.217 - <= 5.10.*unaffected 5.15.159 - <= 5.15.*unaffected 6.1.91 - <= 6.1.*+3 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now