THREATINT

We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Fathom (Privacy friendly web analytics)
Zendesk (Helpdesk and Chat)

Ok

Home | EN
Support
CVE
PUBLISHED

CVE-2024-39478

crypto: starfive - Do not free stack buffer

AssignerLinux
Reserved2024-06-25
Published2024-07-05
Updated2024-07-15

Description

In the Linux kernel, the following vulnerability has been resolved: crypto: starfive - Do not free stack buffer RSA text data uses variable length buffer allocated in software stack. Calling kfree on it causes undefined behaviour in subsequent operations.

Product status

Default status
unaffected

1da177e4c3f4 before 5944de192663
affected

1da177e4c3f4 before d7f01649f4ea
affected

Default status
affected

6.9.5
unaffected

6.10
unaffected

References

https://git.kernel.org/stable/c/5944de192663f272033501dcd322b008fca72006

https://git.kernel.org/stable/c/d7f01649f4eaf1878472d3d3f480ae1e50d98f6c

cve.org CVE-2024-39478

nvd.nist.gov CVE-2024-39478

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-39478
© Copyright 2024 THREATINT. Made in Cyprus with +