Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debiancveDebian Security Bug TrackerDEBIANCVE:CVE-2024-26638
HistoryMar 18, 2024 - 11:15 a.m.

CVE-2024-26638

2024-03-1811:15:10
Debian Security Bug Tracker
security-tracker.debian.org
6
linux kernel
nbd driver
vulnerability
resolved
struct msghdr
uninitialized value
kmsan
tcp_recvmsg
inet_recvmsg
sock_recvmsg
__sock_xmit
nbd_read_reply
recv_work
process_one_work animation

6.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.8%

JSON

In the Linux kernel, the following vulnerability has been resolved: nbd: always initialize struct msghdr completely syzbot complains that msg->msg_get_inq value can be uninitialized [1] struct msghdr got many new fields recently, we should always make sure their values is zero by default. [1] BUG: KMSAN: uninit-value in tcp_recvmsg+0x686/0xac0 net/ipv4/tcp.c:2571 tcp_recvmsg+0x686/0xac0 net/ipv4/tcp.c:2571 inet_recvmsg+0x131/0x580 net/ipv4/af_inet.c:879 sock_recvmsg_nosec net/socket.c:1044 [inline] sock_recvmsg+0x12b/0x1e0 net/socket.c:1066 __sock_xmit+0x236/0x5c0 drivers/block/nbd.c:538 nbd_read_reply drivers/block/nbd.c:732 [inline] recv_work+0x262/0x3100 drivers/block/nbd.c:863 process_one_work kernel/workqueue.c:2627 [inline] process_scheduled_works+0x104e/0x1e70 kernel/workqueue.c:2700 worker_thread+0xf45/0x1490 kernel/workqueue.c:2781 kthread+0x3ed/0x540 kernel/kthread.c:388 ret_from_fork+0x66/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:242 Local variable msg created at: __sock_xmit+0x4c/0x5c0 drivers/block/nbd.c:513 nbd_read_reply drivers/block/nbd.c:732 [inline] recv_work+0x262/0x3100 drivers/block/nbd.c:863 CPU: 1 PID: 7465 Comm: kworker/u5:1 Not tainted 6.7.0-rc7-syzkaller-00041-gf016f7547aee #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 Workqueue: nbd5-recv recv_work

Related

cve 1
nvd 1
redhatcve 1
cvelist 1
ubuntucve 1
nessus 12
osv 9
ubuntu 6
openvas 9
cve
cve
CVE-2024-26638
2024-03-18 11:15:10
nvd
nvd
CVE-2024-26638
2024-03-18 11:15:10
redhatcve
redhatcve
CVE-2024-26638
2024-03-18 14:23:14
cvelist
cvelist
CVE-2024-26638 nbd: always initialize struct msghdr completely
2024-03-18 10:14:48
ubuntucve
ubuntucve
CVE-2024-26638
2024-03-18 00:00:00
nessus
nessus
Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6765-1)
2024-05-07 00:00:00
Ubuntu 22.04 LTS : Linux kernel (Oracle) vulnerabilities (USN-6819-4)
2024-06-26 00:00:00
Ubuntu 23.10 : Linux kernel vulnerabilities (USN-6819-2)
2024-06-11 00:00:00
osv
osv
linux-oem-6.5 vulnerabilities
2024-05-07 15:22:10
linux-nvidia-6.5 vulnerabilities
2024-06-14 15:59:05
linux-laptop vulnerabilities
2024-06-10 16:09:36
ubuntu
ubuntu
Linux kernel (OEM) vulnerabilities
2024-05-07 00:00:00
Linux kernel vulnerabilities
2024-06-07 00:00:00
Linux kernel (HWE) vulnerabilities
2024-06-18 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-6765-1)
2024-05-08 00:00:00
Ubuntu: Security Advisory (USN-6818-4)
2024-06-19 00:00:00
Ubuntu: Security Advisory (USN-6819-3)
2024-06-13 00:00:00

6.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.8%

JSON
Related for DEBIANCVE:CVE-2024-26638
cve1nvd1redhatcve1cvelist1ubuntucve1nessus12osv9ubuntu6openvas9