CVE-2024-46823

Published: Sep 27, 2024

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: kunit/overflow: Fix UB in overflow_allocation_test The 'device_name' array doesn't exist out of the 'overflow_allocation_test' function scope. However, it is being used as a driver name when calling 'kunit_driver_create' from 'kunit_device_register'. It produces the kernel panic with KASAN enabled. Since this variable is used in one place only, remove it and pass the device name into kunit_device_register directly as an ascii string.

Vendor	Product	Versions
Linux	Linux	affected `d03c720e03bd9bf0b784d80b5d3ede7e2daf3b6e - < d1207f07decc66546a7fa463d2f335a856c986ef` affected `d03c720e03bd9bf0b784d80b5d3ede7e2daf3b6e - < 92e9bac18124682c4b99ede9ee3bcdd68f121e92`
Linux	Linux	affected `6.8` unaffected `0 - < 6.8` unaffected `6.10.10 - <= 6.10.` unaffected `6.11 - <= `

References

https://git.kernel.org/stable/c/d1207f07decc66546a7fa463d2f335a856c986ef

https://git.kernel.org/stable/c/92e9bac18124682c4b99ede9ee3bcdd68f121e92

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-46823

Description

Affected Products

References