CVE-2024-50074
Published: Oct 29, 2024
Modified: May 23, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: parport: Proper fix for array out-of-bounds access The recent fix for array out-of-bounds accesses replaced sprintf() calls blindly with snprintf(). However, since snprintf() returns the would-be-printed size, not the actually output size, the length calculation can still go over the given limit. Use scnprintf() instead of snprintf(), which returns the actually output letters, for addressing the potential out-of-bounds access properly.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 166a0bddcc27de41fe13f861c8348e8e53e988c8 - < 8aadef73ba3b325704ed5cfc4696a25c350182cfaffected 47b3dce100778001cd76f7e9188944b5cb27a76d - < b0641e53e6cb937487b6cfb15772374f0ba149b3affected a44f88f7576bc1916d8d6293f5c62fbe7cbe03e0 - < 1826b6d69bbb7f9ae8711827facbb2ad7f8d0aaaaffected c719b393374d3763e64900ee19aaed767d5a08d6 - < 440311903231c6e6c9bcf8acb6a2885a422e00bcaffected 7f4da759092a1a6ce35fb085182d02de8cc4cc84 - < fca048f222ce9dcbde5708ba2bf81d85a4a27952+11 more versions |
Linux | Linux | affected 6.11unaffected 0 - < 6.11unaffected 4.19.323 - <= 4.19.*unaffected 5.4.285 - <= 5.4.*unaffected 5.10.228 - <= 5.10.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now