An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security functionality in how a user calls a function splice with a ktls socket as the destination. This flaw allows a local user to crash or potentially escalate their privileges on the system.
Metrics
Affected Vendors & Products
References
History
Mon, 25 Nov 2024 11:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-1314 |
Fri, 22 Nov 2024 12:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Wed, 16 Oct 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-1314 |
Sat, 14 Sep 2024 00:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2024-01-17T15:16:45.148Z
Updated: 2024-11-25T09:43:21.934Z
Reserved: 2024-01-17T13:11:12.669Z
Link: CVE-2024-0646
Vulnrichment
No data.
NVD
Status : Modified
Published: 2024-01-17T16:15:47.190
Modified: 2024-11-25T10:44:03.660
Link: CVE-2024-0646
Redhat