CVE-2024-49995

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

CVSS

No CVSS.

References

No reference.

Configurations

No configuration.

History

24 Apr 2025, 14:15

Type	Values Removed	Values Added
Summary	(es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: tipc: protección contra el desbordamiento de búfer de cadena Smatch informa que copiar media_name e if_name a name_parts puede sobrescribir el destino. .../bearer.c:166 bearer_name_validate() error: strcpy() 'media_name' demasiado grande para 'name_parts->media_name' (32 vs 16) .../bearer.c:167 bearer_name_validate() error: strcpy() 'if_name' demasiado grande para 'name_parts->if_name' (1010102 vs 16) Este parece ser el caso, así que protéjase contra esta posibilidad usando strscpy() y fallando si ocurre un truncamiento. Introducido por el commit b97bf3fd8f6a ("[TIPC] Fusión inicial") Compilación probada únicamente.
Summary	(en) In the Linux kernel, the following vulnerability has been resolved: tipc: guard against string buffer overrun Smatch reports that copying media_name and if_name to name_parts may overwrite the destination. .../bearer.c:166 bearer_name_validate() error: strcpy() 'media_name' too large for 'name_parts->media_name' (32 vs 16) .../bearer.c:167 bearer_name_validate() error: strcpy() 'if_name' too large for 'name_parts->if_name' (1010102 vs 16) This does seem to be the case so guard against this possibility by using strscpy() and failing if truncation occurs. Introduced by commit b97bf3fd8f6a ("[TIPC] Initial merge") Compile tested only.	(en) Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CPE	cpe:2.3:o:linux:linux_kernel::::::::
CVSS	v2 : ~~unknown~~ v3 : ~~7.8~~	v2 : unknown v3 : unknown
CWE	~~NVD-CWE-noinfo~~
References	~~{'url': 'https://git.kernel.org/stable/c/12d26aa7fd3cbdbc5149b6e516563478d575026e', 'tags': ['Patch'], 'source': '416baaa9-dc9f-4396-8d5f-8c081fb06d67'}~~ ~~{'url': 'https://git.kernel.org/stable/c/2ed7f42dfd3edb387034128ca5b0f639836d4ddd', 'tags': ['Patch'], 'source': '416baaa9-dc9f-4396-8d5f-8c081fb06d67'}~~ ~~{'url': 'https://git.kernel.org/stable/c/54dae0e9063ed23c9acf8d5ab9b18d3426a8ac18', 'tags': ['Patch'], 'source': '416baaa9-dc9f-4396-8d5f-8c081fb06d67'}~~ ~~{'url': 'https://git.kernel.org/stable/c/6555a2a9212be6983d2319d65276484f7c5f431a', 'tags': ['Patch'], 'source': '416baaa9-dc9f-4396-8d5f-8c081fb06d67'}~~ ~~{'url': 'https://git.kernel.org/stable/c/80c0be7bcf940ce9308311575c3aff8983c9b97a', 'tags': ['Patch'], 'source': '416baaa9-dc9f-4396-8d5f-8c081fb06d67'}~~ ~~{'url': 'https://git.kernel.org/stable/c/8298b6e45fb4d8944f356b08e4ea3e54df5e0488', 'source': '416baaa9-dc9f-4396-8d5f-8c081fb06d67'}~~ ~~{'url': 'https://git.kernel.org/stable/c/a18c7b239d02aafb791ae2c45226f6bb40641792', 'tags': ['Patch'], 'source': '416baaa9-dc9f-4396-8d5f-8c081fb06d67'}~~ ~~{'url': 'https://git.kernel.org/stable/c/c79768ffba5b6e95569a463a69b3101c95694867', 'source': '416baaa9-dc9f-4396-8d5f-8c081fb06d67'}~~ ~~{'url': 'https://git.kernel.org/stable/c/e2b2558971e02ca33eb637a8350d68a48b3e8e46', 'tags': ['Patch'], 'source': '416baaa9-dc9f-4396-8d5f-8c081fb06d67'}~~

Information

Published : 2024-10-21 18:15

Updated : 2025-04-24 14:15

NVD link : CVE-2024-49995

Mitre link : CVE-2024-49995

CVE.ORG link : CVE-2024-49995

JSON object : View

Products Affected

No product.

CWE

No CWE.

JSON object

Attach tags to CVE-2024-49995

Attach tags to `CVE-2024-49995`