← Back to CVEs
CVE-2024-42292
HIGH7.1
Description
In the Linux kernel, the following vulnerability has been resolved: kobject_uevent: Fix OOB access within zap_modalias_env() zap_modalias_env() wrongly calculates size of memory block to move, so will cause OOB memory access issue if variable MODALIAS is not the last one within its @env parameter, fixed by correcting size to memmove.
CVE Details
CVSS v3.1 Score7.1
SeverityHIGH
CVSS VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Attack VectorLOCAL
ComplexityLOW
Privileges RequiredLOW
User InteractionNONE
Published8/17/2024
Last Modified11/3/2025
Sourcenvd
Honeypot Sightings0
Affected Products
linux:linux_kernel
Weaknesses (CWE)
CWE-125
References
https://git.kernel.org/stable/c/57fe01d3d04276875c7e3a6dc763517fc05b8762(416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/648d5490460d38436640da0812bf7f6351c150d2(416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/68d63ace80b76395e7935687ecdb86421adc2168(416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/81a15d28f32af01493ae8c5457e0d55314a4167d(416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/b59a5e86a3934f1b6a5bd1368902dbc79bdecc90(416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/c5ee8adc8d98a49703320d13878ba2b923b142f5(416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/d4663536754defff75ff1eca0aaebc41da165a8d(416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://git.kernel.org/stable/c/dd6e9894b451e7c85cceb8e9dc5432679a70e7dc(416baaa9-dc9f-4396-8d5f-8c081fb06d67)
https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html(af854a3a-2127-422b-91ae-364da2661108)
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.