vulnerability
Ubuntu: (Multiple Advisories) (CVE-2024-38541): Linux kernel vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 10 | (AV:N/AC:L/Au:N/C:C/I:C/A:C) | Jun 19, 2024 | Aug 9, 2024 | Feb 20, 2025 |
Severity
10
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published
Jun 19, 2024
Added
Aug 9, 2024
Modified
Feb 20, 2025
Description
In the Linux kernel, the following vulnerability has been resolved:
of: module: add buffer overflow check in of_modalias()
In of_modalias(), if the buffer happens to be too small even for the 1st
snprintf() call, the len parameter will become negative and str parameter
(if not NULL initially) will point beyond the buffer's end. Add the buffer
overflow check after the 1st snprintf() call and fix such check after the
strlen() call (accounting for the terminating NUL char).
Solution(s)
ubuntu-upgrade-linux-image-6-8-0-1008-gkeubuntu-upgrade-linux-image-6-8-0-1009-raspiubuntu-upgrade-linux-image-6-8-0-1010-ibmubuntu-upgrade-linux-image-6-8-0-1010-oemubuntu-upgrade-linux-image-6-8-0-1010-oracleubuntu-upgrade-linux-image-6-8-0-1010-oracle-64kubuntu-upgrade-linux-image-6-8-0-1011-nvidiaubuntu-upgrade-linux-image-6-8-0-1011-nvidia-64kubuntu-upgrade-linux-image-6-8-0-1011-nvidia-lowlatencyubuntu-upgrade-linux-image-6-8-0-1011-nvidia-lowlatency-64kubuntu-upgrade-linux-image-6-8-0-1012-azureubuntu-upgrade-linux-image-6-8-0-1012-azure-fdeubuntu-upgrade-linux-image-6-8-0-1012-gcpubuntu-upgrade-linux-image-6-8-0-1013-awsubuntu-upgrade-linux-image-6-8-0-40-genericubuntu-upgrade-linux-image-6-8-0-40-generic-64kubuntu-upgrade-linux-image-6-8-0-40-lowlatencyubuntu-upgrade-linux-image-6-8-0-40-lowlatency-64kubuntu-upgrade-linux-image-awsubuntu-upgrade-linux-image-azureubuntu-upgrade-linux-image-azure-fdeubuntu-upgrade-linux-image-gcpubuntu-upgrade-linux-image-genericubuntu-upgrade-linux-image-generic-64kubuntu-upgrade-linux-image-generic-64k-hwe-24-04ubuntu-upgrade-linux-image-generic-hwe-24-04ubuntu-upgrade-linux-image-generic-lpaeubuntu-upgrade-linux-image-gkeubuntu-upgrade-linux-image-ibmubuntu-upgrade-linux-image-ibm-classicubuntu-upgrade-linux-image-ibm-lts-24-04ubuntu-upgrade-linux-image-kvmubuntu-upgrade-linux-image-lowlatencyubuntu-upgrade-linux-image-lowlatency-64kubuntu-upgrade-linux-image-nvidiaubuntu-upgrade-linux-image-nvidia-6-8ubuntu-upgrade-linux-image-nvidia-64kubuntu-upgrade-linux-image-nvidia-64k-6-8ubuntu-upgrade-linux-image-nvidia-lowlatencyubuntu-upgrade-linux-image-nvidia-lowlatency-64kubuntu-upgrade-linux-image-oem-24-04ubuntu-upgrade-linux-image-oem-24-04aubuntu-upgrade-linux-image-oracleubuntu-upgrade-linux-image-oracle-64kubuntu-upgrade-linux-image-raspiubuntu-upgrade-linux-image-virtualubuntu-upgrade-linux-image-virtual-hwe-24-04
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.