CVE-2024-45008

Description

In the Linux kernel, the following vulnerability has been resolved: Input: MT - limit max slots syzbot is reporting too large allocation at input_mt_init_slots(), for num_slots is supplied from userspace using ioctl(UI_DEV_CREATE). Since nobody knows possible max slots, this patch chose 1024.

Reserved 2024-08-21 | Published 2024-09-04 | Updated 2024-12-19 | Assigner Linux

Product status

Default status
unaffected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 2829c80614890624456337e47320289112785f3e
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 87f610a1a7fbdb1f2e3d90b54c955bd3b8a0c322
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 05dd9aabd04f9b5eb04dab9bb83d8c3e982d7549
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 95f73d01f547dfc67fda3022c51e377a0454b505
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 94736334b8a25e4fae8daa6934e54a31f099be43
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 8f04edd554d191834e9e1349ef030318ea6b11ba
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before cd19f1799c32ba7b874474b1b968815ce5364f73
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 99d3bf5f7377d42f8be60a6b9cb60fb0be34dceb
affected

Default status
affected

4.19.321
unaffected

5.4.283
unaffected

5.10.225
unaffected

5.15.166
unaffected

6.1.107
unaffected

6.6.48
unaffected

6.10.7
unaffected

6.11
unaffected

References

git.kernel.org/...c/2829c80614890624456337e47320289112785f3e

git.kernel.org/...c/87f610a1a7fbdb1f2e3d90b54c955bd3b8a0c322

git.kernel.org/...c/05dd9aabd04f9b5eb04dab9bb83d8c3e982d7549

git.kernel.org/...c/95f73d01f547dfc67fda3022c51e377a0454b505

git.kernel.org/...c/94736334b8a25e4fae8daa6934e54a31f099be43

git.kernel.org/...c/8f04edd554d191834e9e1349ef030318ea6b11ba

git.kernel.org/...c/cd19f1799c32ba7b874474b1b968815ce5364f73

git.kernel.org/...c/99d3bf5f7377d42f8be60a6b9cb60fb0be34dceb

cve.org (CVE-2024-45008)

nvd.nist.gov (CVE-2024-45008)

Download JSON