Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2024-23849HistoryJan 23, 2024 - 9:15 a.m.
CVE-2024-23849
2024-01-2309:15:36
Debian Security Bug Tracker
security-tracker.debian.org
14
linux kernel
rds protocol
off-by-one error
out-of-bounds access
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
7 High
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
In rds_recv_track_latency in net/rds/af_rds.c in the Linux kernel through 6.7.1, there is an off-by-one error for an RDS_MSG_RX_DGRAM_TRACE_MAX comparison, resulting in out-of-bounds access.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | linux | < 6.1.76-1 | linux_6.1.76-1_all.deb |
| Debian | 11 | all | linux | < 5.10.216-1 | linux_5.10.216-1_all.deb |
| Debian | 999 | all | linux | < 6.6.15-1 | linux_6.6.15-1_all.deb |
| Debian | 13 | all | linux | < 6.6.15-1 | linux_6.6.15-1_all.deb |
Related
cbl_mariner
cbl_mariner
CVE-2024-23849 affecting package kernel for versions less than 5.15.153.1-1
2024-04-09 20:48:36
ubuntucve
ubuntucve
CVE-2024-23849
2024-01-23 00:00:00
redhatcve
redhatcve
CVE-2024-23849
2024-01-25 19:02:44
cvelist
cvelist
CVE-2024-23849
2024-01-23 00:00:00
nvd
nvd
CVE-2024-23849
2024-01-23 09:15:36
prion
prion
Out-of-bounds
2024-01-23 09:15:00
cnvd
cnvd
Unspecified vulnerability in Linux kernel (CNVD-2024-06429)
2024-01-29 00:00:00
cve
cve
CVE-2024-23849
2024-01-23 09:15:36
fedora
fedora
[SECURITY] Fedora 38 Update: kernel-headers-6.7.3-100.fc38
2024-02-06 03:43:04
[SECURITY] Fedora 38 Update: kernel-6.7.3-100.fc38
2024-02-06 03:43:03
[SECURITY] Fedora 39 Update: kernel-6.7.3-200.fc39
2024-02-06 01:18:52
openvas
openvas
Fedora: Security Advisory for kernel-headers (FEDORA-2024-cf47b35a6c)
2024-02-07 00:00:00
Fedora: Security Advisory for kernel (FEDORA-2024-cf47b35a6c)
2024-02-07 00:00:00
Fedora: Security Advisory for kernel (FEDORA-2024-2116a8468b)
2024-02-06 00:00:00
nessus
nessus
Fedora 38 : kernel / kernel-headers (2024-cf47b35a6c)
2024-02-06 00:00:00
Amazon Linux AMI : kernel (ALAS-2024-1923)
2024-03-05 00:00:00
Amazon Linux 2 : kernel (ALASKERNEL-5.15-2024-038)
2024-02-20 00:00:00
amazon
amazon
Important: kernel
2024-02-28 23:54:00
Important: kernel
2024-02-29 10:03:00
photon
photon
Important Photon OS Security Update - PHSA-2024-5.0-0206
2024-02-14 00:00:00
Important Photon OS Security Update - PHSA-2024-4.0-0574
2024-02-29 00:00:00
Important Photon OS Security Update - PHSA-2024-3.0-0738
2024-03-19 00:00:00
osv
osv
ubuntu
ubuntu
Linux kernel vulnerabilities
2024-05-07 00:00:00
Linux kernel (BlueField) vulnerabilities
2024-05-14 00:00:00
Linux kernel (OEM) vulnerabilities
2024-03-11 00:00:00
slackware
slackware
[slackware-security] Slackware 15.0 kernel
2024-06-05 19:11:11
debian
debian
[SECURITY] [DSA 5681-1] linux security update
2024-05-06 18:31:39
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
7 High
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Related for DEBIANCVE:CVE-2024-23849