In the Linux kernel, the following vulnerability has been resolved: crypto: starfive - Do not free stack buffer RSA text data uses variable length buffer allocated in software stack. Calling kfree on it causes undefined behaviour in subsequent operations.
History

Wed, 06 Nov 2024 20:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-07-05T06:55:07.936Z

Updated: 2024-12-19T09:06:57.282Z

Reserved: 2024-06-25T14:23:23.746Z

Link: CVE-2024-39478

cve-icon Vulnrichment

Updated: 2024-08-02T04:26:16.166Z

cve-icon NVD

Status : Modified

Published: 2024-07-05T07:15:10.470

Modified: 2024-11-21T09:27:45.170

Link: CVE-2024-39478

cve-icon Redhat

Severity : Low

Publid Date: 2024-07-05T00:00:00Z

Links: CVE-2024-39478 - Bugzilla