CVE-2024-39480 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved: kdb: Fix buffer overflow during tab-complete Currently, when the user attempts symbol completion with the Tab key, kdb will use strncpy() to insert the completed symbol into the command buffer. Unfortunately it passes the size of the source buffer rather than the destination to strncpy() with predictably horrible results. Most obviously if the command buffer is already full but cp, the cursor position, is in the middle of the buffer, then we will write past the end of the supplied buffer. Fix this by replacing the dubious strncpy() calls with memmove()/memcpy() calls plus explicit boundary checks to make sure we have enough space before we start moving characters around.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Linux	Linux Kernel

Configuration 1 [-]

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

No data.

References

Link	Providers
https://git.kernel.org/stable/c/107e825cc448b7834b31e8b1b3cf0f57426d46d5
https://git.kernel.org/stable/c/33d9c814652b971461d1e30bead6792851c209e7
https://git.kernel.org/stable/c/cfdc2fa4db57503bc6d3817240547c8ddc55fa96
https://git.kernel.org/stable/c/ddd2972d8e2dee3b33e8121669d55def59f0be8a
https://git.kernel.org/stable/c/e9730744bf3af04cda23799029342aa3cddbc454
https://git.kernel.org/stable/c/f636a40834d22e5e3fc748f060211879c056cd33
https://git.kernel.org/stable/c/f694da720dcf795dc3eb97bf76d220213f76aaa7
https://git.kernel.org/stable/c/fb824a99e148ff272a53d71d84122728b5f00992
https://lore.kernel.org/linux-cve-announce/2024070519-CVE-2024-39480-b85a@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2024-39480
https://www.cve.org/CVERecord?id=CVE-2024-39480

History

Wed, 16 Jul 2025 13:45:00 +0000

Type	Values Removed	Values Added
Metrics	epss `{'score': 0.00033}`	epss `{'score': 0.00034}`

Wed, 06 Nov 2024 08:15:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:2.3:a:linux:linux_kernel:-:::::::*
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-07-05T06:55:09.241Z

Updated: 2025-05-04T09:16:41.644Z

Reserved: 2024-06-25T14:23:23.746Z

Link: CVE-2024-39480

Vulnrichment

Updated: 2024-08-02T04:26:15.655Z

NVD

Status : Modified

Published: 2024-07-05T07:15:10.590

Modified: 2024-11-21T09:27:46.630

Link: CVE-2024-39480

Redhat

Severity : Low

Publid Date: 2024-07-05T00:00:00Z

Links: CVE-2024-39480 - Bugzilla

Show plain JSON

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-39480", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-06-25T14:23:23.746Z", "datePublished": "2024-07-05T06:55:09.241Z", "dateUpdated": "2025-05-04T09:16:41.644Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T09:16:41.644Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nkdb: Fix buffer overflow during tab-complete\n\nCurrently, when the user attempts symbol completion with the Tab key, kdb\nwill use strncpy() to insert the completed symbol into the command buffer.\nUnfortunately it passes the size of the source buffer rather than the\ndestination to strncpy() with predictably horrible results. Most obviously\nif the command buffer is already full but cp, the cursor position, is in\nthe middle of the buffer, then we will write past the end of the supplied\nbuffer.\n\nFix this by replacing the dubious strncpy() calls with memmove()/memcpy()\ncalls plus explicit boundary checks to make sure we have enough space\nbefore we start moving characters around."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["kernel/debug/kdb/kdb_io.c"], "versions": [{"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "fb824a99e148ff272a53d71d84122728b5f00992", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "ddd2972d8e2dee3b33e8121669d55def59f0be8a", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "cfdc2fa4db57503bc6d3817240547c8ddc55fa96", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "f636a40834d22e5e3fc748f060211879c056cd33", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "33d9c814652b971461d1e30bead6792851c209e7", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "107e825cc448b7834b31e8b1b3cf0f57426d46d5", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "f694da720dcf795dc3eb97bf76d220213f76aaa7", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "e9730744bf3af04cda23799029342aa3cddbc454", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["kernel/debug/kdb/kdb_io.c"], "versions": [{"version": "4.19.316", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.278", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.219", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.161", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.94", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.34", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.9.5", "lessThanOrEqual": "6.9.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.10", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "4.19.316"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "5.4.278"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "5.10.219"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "5.15.161"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.1.94"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.6.34"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.9.5"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.10"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/fb824a99e148ff272a53d71d84122728b5f00992"}, {"url": "https://git.kernel.org/stable/c/ddd2972d8e2dee3b33e8121669d55def59f0be8a"}, {"url": "https://git.kernel.org/stable/c/cfdc2fa4db57503bc6d3817240547c8ddc55fa96"}, {"url": "https://git.kernel.org/stable/c/f636a40834d22e5e3fc748f060211879c056cd33"}, {"url": "https://git.kernel.org/stable/c/33d9c814652b971461d1e30bead6792851c209e7"}, {"url": "https://git.kernel.org/stable/c/107e825cc448b7834b31e8b1b3cf0f57426d46d5"}, {"url": "https://git.kernel.org/stable/c/f694da720dcf795dc3eb97bf76d220213f76aaa7"}, {"url": "https://git.kernel.org/stable/c/e9730744bf3af04cda23799029342aa3cddbc454"}], "title": "kdb: Fix buffer overflow during tab-complete", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:26:15.655Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/fb824a99e148ff272a53d71d84122728b5f00992", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ddd2972d8e2dee3b33e8121669d55def59f0be8a", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/cfdc2fa4db57503bc6d3817240547c8ddc55fa96", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/f636a40834d22e5e3fc748f060211879c056cd33", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/33d9c814652b971461d1e30bead6792851c209e7", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/107e825cc448b7834b31e8b1b3cf0f57426d46d5", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/f694da720dcf795dc3eb97bf76d220213f76aaa7", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e9730744bf3af04cda23799029342aa3cddbc454", "tags": ["x_transferred"]}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-121", "lang": "en", "description": "CWE-121 Stack-based Buffer Overflow"}]}], "affected": [{"vendor": "linux", "product": "linux_kernel", "cpes": ["cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "1da177e4c3f4", "status": "affected", "lessThan": "fb824a99e148", "versionType": "git"}, {"version": "1da177e4c3f4", "status": "affected", "lessThan": "ddd2972d8e2d", "versionType": "git"}, {"version": "1da177e4c3f4", "status": "affected", "lessThan": "cfdc2fa4db57", "versionType": "git"}, {"version": "1da177e4c3f4", "status": "affected", "lessThan": "f636a40834d2", "versionType": "git"}, {"version": "1da177e4c3f4", "status": "affected", "lessThan": "33d9c814652b", "versionType": "git"}, {"version": "1da177e4c3f4", "status": "affected", "lessThan": "107e825cc448", "versionType": "git"}, {"version": "1da177e4c3f4", "status": "affected", "lessThan": "f694da720dcf", "versionType": "git"}, {"version": "1da177e4c3f4", "status": "affected", "lessThan": "e9730744bf3a", "versionType": "git"}, {"version": "4.19.316", "status": "unaffected", "lessThanOrEqual": "4.20", "versionType": "git"}, {"version": "5.4.278", "status": "unaffected", "lessThanOrEqual": "5.5", "versionType": "git"}, {"version": "5.10.219", "status": "unaffected", "lessThanOrEqual": "5.11", "versionType": "git"}, {"version": "5.15.161", "status": "unaffected", "lessThanOrEqual": "5.16", "versionType": "git"}, {"version": "6.1.94", "status": "unaffected", "lessThanOrEqual": "6.2", "versionType": "git"}, {"version": "6.6.34", "status": "unaffected", "lessThanOrEqual": "6.7", "versionType": "git"}, {"version": "6.9.5", "status": "unaffected", "lessThanOrEqual": "6.10", "versionType": "git"}, {"version": "6.10", "status": "unaffected", "lessThanOrEqual": "*", "versionType": "git"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-08-20T03:55:14.759316Z", "id": "CVE-2024-39480", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-27T14:14:17.550Z"}}]}}

{

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

cveMetadata : { »

cveId : CVE-2024-39480 (string)

assignerOrgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

state : PUBLISHED (string)

assignerShortName : Linux (string)

dateReserved : 2024-06-25T14:23:23.746Z (string)

datePublished : 2024-07-05T06:55:09.241Z (string)

dateUpdated : 2025-05-04T09:16:41.644Z (string)

}

containers : { »

cna : { »

providerMetadata : { »

orgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

shortName : Linux (string)

dateUpdated : 2025-05-04T09:16:41.644Z (string)

}

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: kdb: Fix buffer overflow during tab-complete Currently, when the user attempts symbol completion with the Tab key, kdb will use strncpy() to insert the completed symbol into the command buffer. Unfortunately it passes the size of the source buffer rather than the destination to strncpy() with predictably horrible results. Most obviously if the command buffer is already full but cp, the cursor position, is in the middle of the buffer, then we will write past the end of the supplied buffer. Fix this by replacing the dubious strncpy() calls with memmove()/memcpy() calls plus explicit boundary checks to make sure we have enough space before we start moving characters around. (string)

}

]

affected : [ »

0 : { »

product : Linux (string)

vendor : Linux (string)

defaultStatus : unaffected (string)

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

programFiles : [ »

0 : kernel/debug/kdb/kdb_io.c (string)

]

versions : [ »

0 : { »

version : 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (string)

lessThan : fb824a99e148ff272a53d71d84122728b5f00992 (string)

status : affected (string)

versionType : git (string)

}

1 : { »

version : 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (string)

lessThan : ddd2972d8e2dee3b33e8121669d55def59f0be8a (string)

status : affected (string)

versionType : git (string)

}

2 : { »

version : 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (string)

lessThan : cfdc2fa4db57503bc6d3817240547c8ddc55fa96 (string)

status : affected (string)

versionType : git (string)

}

3 : { »

version : 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (string)

lessThan : f636a40834d22e5e3fc748f060211879c056cd33 (string)

status : affected (string)

versionType : git (string)

}

4 : { »

version : 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (string)

lessThan : 33d9c814652b971461d1e30bead6792851c209e7 (string)

status : affected (string)

versionType : git (string)

}

5 : { »

version : 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (string)

lessThan : 107e825cc448b7834b31e8b1b3cf0f57426d46d5 (string)

status : affected (string)

versionType : git (string)

}

6 : { »

version : 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (string)

lessThan : f694da720dcf795dc3eb97bf76d220213f76aaa7 (string)

status : affected (string)

versionType : git (string)

}

7 : { »

version : 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (string)

lessThan : e9730744bf3af04cda23799029342aa3cddbc454 (string)

status : affected (string)

versionType : git (string)

}

]

}

1 : { »

product : Linux (string)

vendor : Linux (string)

defaultStatus : affected (string)

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

programFiles : [ »

0 : kernel/debug/kdb/kdb_io.c (string)

]

versions : [ »

0 : { »

version : 4.19.316 (string)

lessThanOrEqual : 4.19.* (string)

status : unaffected (string)

versionType : semver (string)

}

1 : { »

version : 5.4.278 (string)

lessThanOrEqual : 5.4.* (string)

status : unaffected (string)

versionType : semver (string)

}

2 : { »

version : 5.10.219 (string)

lessThanOrEqual : 5.10.* (string)

status : unaffected (string)

versionType : semver (string)

}

3 : { »

version : 5.15.161 (string)

lessThanOrEqual : 5.15.* (string)

status : unaffected (string)

versionType : semver (string)

}

4 : { »

version : 6.1.94 (string)

lessThanOrEqual : 6.1.* (string)

status : unaffected (string)

versionType : semver (string)

}

5 : { »

version : 6.6.34 (string)

lessThanOrEqual : 6.6.* (string)

status : unaffected (string)

versionType : semver (string)

}

6 : { »

version : 6.9.5 (string)

lessThanOrEqual : 6.9.* (string)

status : unaffected (string)

versionType : semver (string)

}

7 : { »

version : 6.10 (string)

lessThanOrEqual : * (string)

status : unaffected (string)

versionType : original_commit_for_fix (string)

}

]

}

]

cpeApplicability : [ »

0 : { »

nodes : [ »

0 : { »

operator : OR (string)

negate : false (boolean)

cpeMatch : [ »

0 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionEndExcluding : 4.19.316 (string)

}

1 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionEndExcluding : 5.4.278 (string)

}

2 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionEndExcluding : 5.10.219 (string)

}

3 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionEndExcluding : 5.15.161 (string)

}

4 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionEndExcluding : 6.1.94 (string)

}

5 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionEndExcluding : 6.6.34 (string)

}

6 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionEndExcluding : 6.9.5 (string)

}

7 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionEndExcluding : 6.10 (string)

}

]

}

]

}

]

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/fb824a99e148ff272a53d71d84122728b5f00992 (string)

}

1 : { »

url : https://git.kernel.org/stable/c/ddd2972d8e2dee3b33e8121669d55def59f0be8a (string)

}

2 : { »

url : https://git.kernel.org/stable/c/cfdc2fa4db57503bc6d3817240547c8ddc55fa96 (string)

}

3 : { »

url : https://git.kernel.org/stable/c/f636a40834d22e5e3fc748f060211879c056cd33 (string)

}

4 : { »

url : https://git.kernel.org/stable/c/33d9c814652b971461d1e30bead6792851c209e7 (string)

}

5 : { »

url : https://git.kernel.org/stable/c/107e825cc448b7834b31e8b1b3cf0f57426d46d5 (string)

}

6 : { »

url : https://git.kernel.org/stable/c/f694da720dcf795dc3eb97bf76d220213f76aaa7 (string)

}

7 : { »

url : https://git.kernel.org/stable/c/e9730744bf3af04cda23799029342aa3cddbc454 (string)

}

]

title : kdb: Fix buffer overflow during tab-complete (string)

x_generator : { »

engine : bippy-1.2.0 (string)

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-02T04:26:15.655Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/fb824a99e148ff272a53d71d84122728b5f00992 (string)

tags : [ »

0 : x_transferred (string)

]

}

1 : { »

url : https://git.kernel.org/stable/c/ddd2972d8e2dee3b33e8121669d55def59f0be8a (string)

tags : [ »

0 : x_transferred (string)

]

}

2 : { »

url : https://git.kernel.org/stable/c/cfdc2fa4db57503bc6d3817240547c8ddc55fa96 (string)

tags : [ »

0 : x_transferred (string)

]

}

3 : { »

url : https://git.kernel.org/stable/c/f636a40834d22e5e3fc748f060211879c056cd33 (string)

tags : [ »

0 : x_transferred (string)

]

}

4 : { »

url : https://git.kernel.org/stable/c/33d9c814652b971461d1e30bead6792851c209e7 (string)

tags : [ »

0 : x_transferred (string)

]

}

5 : { »

url : https://git.kernel.org/stable/c/107e825cc448b7834b31e8b1b3cf0f57426d46d5 (string)

tags : [ »

0 : x_transferred (string)

]

}

6 : { »

url : https://git.kernel.org/stable/c/f694da720dcf795dc3eb97bf76d220213f76aaa7 (string)

tags : [ »

0 : x_transferred (string)

]

}

7 : { »

url : https://git.kernel.org/stable/c/e9730744bf3af04cda23799029342aa3cddbc454 (string)

tags : [ »

0 : x_transferred (string)

]

}

]

}

1 : { »

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

type : CWE (string)

cweId : CWE-121 (string)

lang : en (string)

description : CWE-121 Stack-based Buffer Overflow (string)

}

]

}

]

affected : [ »

0 : { »

vendor : linux (string)

product : linux_kernel (string)

cpes : [ »

0 : cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unaffected (string)

versions : [ »

0 : { »

version : 1da177e4c3f4 (string)

status : affected (string)

lessThan : fb824a99e148 (string)

versionType : git (string)

}

1 : { »

version : 1da177e4c3f4 (string)

status : affected (string)

lessThan : ddd2972d8e2d (string)

versionType : git (string)

}

2 : { »

version : 1da177e4c3f4 (string)

status : affected (string)

lessThan : cfdc2fa4db57 (string)

versionType : git (string)

}

3 : { »

version : 1da177e4c3f4 (string)

status : affected (string)

lessThan : f636a40834d2 (string)

versionType : git (string)

}

4 : { »

version : 1da177e4c3f4 (string)

status : affected (string)

lessThan : 33d9c814652b (string)

versionType : git (string)

}

5 : { »

version : 1da177e4c3f4 (string)

status : affected (string)

lessThan : 107e825cc448 (string)

versionType : git (string)

}

6 : { »

version : 1da177e4c3f4 (string)

status : affected (string)

lessThan : f694da720dcf (string)

versionType : git (string)

}

7 : { »

version : 1da177e4c3f4 (string)

status : affected (string)

lessThan : e9730744bf3a (string)

versionType : git (string)

}

8 : { »

version : 4.19.316 (string)

status : unaffected (string)

lessThanOrEqual : 4.20 (string)

versionType : git (string)

}

9 : { »

version : 5.4.278 (string)

status : unaffected (string)

lessThanOrEqual : 5.5 (string)

versionType : git (string)

}

10 : { »

version : 5.10.219 (string)

status : unaffected (string)

lessThanOrEqual : 5.11 (string)

versionType : git (string)

}

11 : { »

version : 5.15.161 (string)

status : unaffected (string)

lessThanOrEqual : 5.16 (string)

versionType : git (string)

}

12 : { »

version : 6.1.94 (string)

status : unaffected (string)

lessThanOrEqual : 6.2 (string)

versionType : git (string)

}

13 : { »

version : 6.6.34 (string)

status : unaffected (string)

lessThanOrEqual : 6.7 (string)

versionType : git (string)

}

14 : { »

version : 6.9.5 (string)

status : unaffected (string)

lessThanOrEqual : 6.10 (string)

versionType : git (string)

}

15 : { »

version : 6.10 (string)

status : unaffected (string)

lessThanOrEqual : * (string)

versionType : git (string)

}

]

}

]

metrics : [ »

0 : { »

cvssV3_1 : { »

scope : UNCHANGED (string)

version : 3.1 (string)

baseScore : 7.8 (number)

attackVector : LOCAL (string)

baseSeverity : HIGH (string)

vectorString : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (string)

integrityImpact : HIGH (string)

userInteraction : NONE (string)

attackComplexity : LOW (string)

availabilityImpact : HIGH (string)

privilegesRequired : LOW (string)

confidentialityImpact : HIGH (string)

}

1 : { »

other : { »

type : ssvc (string)

content : { »

timestamp : 2024-08-20T03:55:14.759316Z (string)

id : CVE-2024-39480 (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : total (string)

}

]

role : CISA Coordinator (string)

version : 2.0.3 (string)

}

]

title : CISA ADP Vulnrichment (string)

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-08-27T14:14:17.550Z (string)

}

]

}

Show plain JSON

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/fb824a99e148ff272a53d71d84122728b5f00992", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ddd2972d8e2dee3b33e8121669d55def59f0be8a", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/cfdc2fa4db57503bc6d3817240547c8ddc55fa96", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/f636a40834d22e5e3fc748f060211879c056cd33", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/33d9c814652b971461d1e30bead6792851c209e7", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/107e825cc448b7834b31e8b1b3cf0f57426d46d5", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/f694da720dcf795dc3eb97bf76d220213f76aaa7", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e9730744bf3af04cda23799029342aa3cddbc454", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:26:15.655Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-39480", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-08-20T03:55:14.759316Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*"], "vendor": "linux", "product": "linux_kernel", "versions": [{"status": "affected", "version": "1da177e4c3f4", "lessThan": "fb824a99e148", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "ddd2972d8e2d", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "cfdc2fa4db57", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "f636a40834d2", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "33d9c814652b", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "107e825cc448", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "f694da720dcf", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "e9730744bf3a", "versionType": "git"}, {"status": "unaffected", "version": "4.19.316", "versionType": "git", "lessThanOrEqual": "4.20"}, {"status": "unaffected", "version": "5.4.278", "versionType": "git", "lessThanOrEqual": "5.5"}, {"status": "unaffected", "version": "5.10.219", "versionType": "git", "lessThanOrEqual": "5.11"}, {"status": "unaffected", "version": "5.15.161", "versionType": "git", "lessThanOrEqual": "5.16"}, {"status": "unaffected", "version": "6.1.94", "versionType": "git", "lessThanOrEqual": "6.2"}, {"status": "unaffected", "version": "6.6.34", "versionType": "git", "lessThanOrEqual": "6.7"}, {"status": "unaffected", "version": "6.9.5", "versionType": "git", "lessThanOrEqual": "6.10"}, {"status": "unaffected", "version": "6.10", "versionType": "git", "lessThanOrEqual": "*"}], "defaultStatus": "unaffected"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-121", "description": "CWE-121 Stack-based Buffer Overflow"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-20T13:36:00.522Z"}}], "cna": {"title": "kdb: Fix buffer overflow during tab-complete", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "fb824a99e148ff272a53d71d84122728b5f00992", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "ddd2972d8e2dee3b33e8121669d55def59f0be8a", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "cfdc2fa4db57503bc6d3817240547c8ddc55fa96", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "f636a40834d22e5e3fc748f060211879c056cd33", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "33d9c814652b971461d1e30bead6792851c209e7", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "107e825cc448b7834b31e8b1b3cf0f57426d46d5", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "f694da720dcf795dc3eb97bf76d220213f76aaa7", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "e9730744bf3af04cda23799029342aa3cddbc454", "versionType": "git"}], "programFiles": ["kernel/debug/kdb/kdb_io.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "unaffected", "version": "4.19.316", "versionType": "semver", "lessThanOrEqual": "4.19.*"}, {"status": "unaffected", "version": "5.4.278", "versionType": "semver", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.219", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.161", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.94", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.34", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.9.5", "versionType": "semver", "lessThanOrEqual": "6.9.*"}, {"status": "unaffected", "version": "6.10", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["kernel/debug/kdb/kdb_io.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/fb824a99e148ff272a53d71d84122728b5f00992"}, {"url": "https://git.kernel.org/stable/c/ddd2972d8e2dee3b33e8121669d55def59f0be8a"}, {"url": "https://git.kernel.org/stable/c/cfdc2fa4db57503bc6d3817240547c8ddc55fa96"}, {"url": "https://git.kernel.org/stable/c/f636a40834d22e5e3fc748f060211879c056cd33"}, {"url": "https://git.kernel.org/stable/c/33d9c814652b971461d1e30bead6792851c209e7"}, {"url": "https://git.kernel.org/stable/c/107e825cc448b7834b31e8b1b3cf0f57426d46d5"}, {"url": "https://git.kernel.org/stable/c/f694da720dcf795dc3eb97bf76d220213f76aaa7"}, {"url": "https://git.kernel.org/stable/c/e9730744bf3af04cda23799029342aa3cddbc454"}], "x_generator": {"engine": "bippy-1.2.0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nkdb: Fix buffer overflow during tab-complete\n\nCurrently, when the user attempts symbol completion with the Tab key, kdb\nwill use strncpy() to insert the completed symbol into the command buffer.\nUnfortunately it passes the size of the source buffer rather than the\ndestination to strncpy() with predictably horrible results. Most obviously\nif the command buffer is already full but cp, the cursor position, is in\nthe middle of the buffer, then we will write past the end of the supplied\nbuffer.\n\nFix this by replacing the dubious strncpy() calls with memmove()/memcpy()\ncalls plus explicit boundary checks to make sure we have enough space\nbefore we start moving characters around."}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "4.19.316"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.4.278"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.10.219"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.15.161"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.1.94"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.6.34"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.9.5"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.10"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T09:16:41.644Z"}}}, "cveMetadata": {"cveId": "CVE-2024-39480", "state": "PUBLISHED", "dateUpdated": "2025-05-04T09:16:41.644Z", "dateReserved": "2024-06-25T14:23:23.746Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-07-05T06:55:09.241Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{

dataType : CVE_RECORD (string)

containers : { »

adp : [ »

0 : { »

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/fb824a99e148ff272a53d71d84122728b5f00992 (string)

tags : [ »

0 : x_transferred (string)

]

}

1 : { »

url : https://git.kernel.org/stable/c/ddd2972d8e2dee3b33e8121669d55def59f0be8a (string)

tags : [ »

0 : x_transferred (string)

]

}

2 : { »

url : https://git.kernel.org/stable/c/cfdc2fa4db57503bc6d3817240547c8ddc55fa96 (string)

tags : [ »

0 : x_transferred (string)

]

}

3 : { »

url : https://git.kernel.org/stable/c/f636a40834d22e5e3fc748f060211879c056cd33 (string)

tags : [ »

0 : x_transferred (string)

]

}

4 : { »

url : https://git.kernel.org/stable/c/33d9c814652b971461d1e30bead6792851c209e7 (string)

tags : [ »

0 : x_transferred (string)

]

}

5 : { »

url : https://git.kernel.org/stable/c/107e825cc448b7834b31e8b1b3cf0f57426d46d5 (string)

tags : [ »

0 : x_transferred (string)

]

}

6 : { »

url : https://git.kernel.org/stable/c/f694da720dcf795dc3eb97bf76d220213f76aaa7 (string)

tags : [ »

0 : x_transferred (string)

]

}

7 : { »

url : https://git.kernel.org/stable/c/e9730744bf3af04cda23799029342aa3cddbc454 (string)

tags : [ »

0 : x_transferred (string)

]

}

]

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-02T04:26:15.655Z (string)

}

1 : { »

title : CISA ADP Vulnrichment (string)

metrics : [ »

0 : { »

cvssV3_1 : { »

scope : UNCHANGED (string)

version : 3.1 (string)

baseScore : 7.8 (number)

attackVector : LOCAL (string)

baseSeverity : HIGH (string)

vectorString : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (string)

integrityImpact : HIGH (string)

userInteraction : NONE (string)

attackComplexity : LOW (string)

availabilityImpact : HIGH (string)

privilegesRequired : LOW (string)

confidentialityImpact : HIGH (string)

}

1 : { »

other : { »

type : ssvc (string)

content : { »

id : CVE-2024-39480 (string)

role : CISA Coordinator (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : total (string)

}

]

version : 2.0.3 (string)

timestamp : 2024-08-20T03:55:14.759316Z (string)

}

]

affected : [ »

0 : { »

cpes : [ »

0 : cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

]

vendor : linux (string)

product : linux_kernel (string)

versions : [ »

0 : { »

status : affected (string)

version : 1da177e4c3f4 (string)

lessThan : fb824a99e148 (string)

versionType : git (string)

}

1 : { »

status : affected (string)

version : 1da177e4c3f4 (string)

lessThan : ddd2972d8e2d (string)

versionType : git (string)

}

2 : { »

status : affected (string)

version : 1da177e4c3f4 (string)

lessThan : cfdc2fa4db57 (string)

versionType : git (string)

}

3 : { »

status : affected (string)

version : 1da177e4c3f4 (string)

lessThan : f636a40834d2 (string)

versionType : git (string)

}

4 : { »

status : affected (string)

version : 1da177e4c3f4 (string)

lessThan : 33d9c814652b (string)

versionType : git (string)

}

5 : { »

status : affected (string)

version : 1da177e4c3f4 (string)

lessThan : 107e825cc448 (string)

versionType : git (string)

}

6 : { »

status : affected (string)

version : 1da177e4c3f4 (string)

lessThan : f694da720dcf (string)

versionType : git (string)

}

7 : { »

status : affected (string)

version : 1da177e4c3f4 (string)

lessThan : e9730744bf3a (string)

versionType : git (string)

}

8 : { »

status : unaffected (string)

version : 4.19.316 (string)

versionType : git (string)

lessThanOrEqual : 4.20 (string)

}

9 : { »

status : unaffected (string)

version : 5.4.278 (string)

versionType : git (string)

lessThanOrEqual : 5.5 (string)

}

10 : { »

status : unaffected (string)

version : 5.10.219 (string)

versionType : git (string)

lessThanOrEqual : 5.11 (string)

}

11 : { »

status : unaffected (string)

version : 5.15.161 (string)

versionType : git (string)

lessThanOrEqual : 5.16 (string)

}

12 : { »

status : unaffected (string)

version : 6.1.94 (string)

versionType : git (string)

lessThanOrEqual : 6.2 (string)

}

13 : { »

status : unaffected (string)

version : 6.6.34 (string)

versionType : git (string)

lessThanOrEqual : 6.7 (string)

}

14 : { »

status : unaffected (string)

version : 6.9.5 (string)

versionType : git (string)

lessThanOrEqual : 6.10 (string)

}

15 : { »

status : unaffected (string)

version : 6.10 (string)

versionType : git (string)

lessThanOrEqual : * (string)

}

]

defaultStatus : unaffected (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

lang : en (string)

type : CWE (string)

cweId : CWE-121 (string)

description : CWE-121 Stack-based Buffer Overflow (string)

}

]

}

]

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-08-20T13:36:00.522Z (string)

}

]

cna : { »

title : kdb: Fix buffer overflow during tab-complete (string)

affected : [ »

0 : { »

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

vendor : Linux (string)

product : Linux (string)

versions : [ »

0 : { »

status : affected (string)

version : 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (string)

lessThan : fb824a99e148ff272a53d71d84122728b5f00992 (string)

versionType : git (string)

}

1 : { »

status : affected (string)

version : 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (string)

lessThan : ddd2972d8e2dee3b33e8121669d55def59f0be8a (string)

versionType : git (string)

}

2 : { »

status : affected (string)

version : 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (string)

lessThan : cfdc2fa4db57503bc6d3817240547c8ddc55fa96 (string)

versionType : git (string)

}

3 : { »

status : affected (string)

version : 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (string)

lessThan : f636a40834d22e5e3fc748f060211879c056cd33 (string)

versionType : git (string)

}

4 : { »

status : affected (string)

version : 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (string)

lessThan : 33d9c814652b971461d1e30bead6792851c209e7 (string)

versionType : git (string)

}

5 : { »

status : affected (string)

version : 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (string)

lessThan : 107e825cc448b7834b31e8b1b3cf0f57426d46d5 (string)

versionType : git (string)

}

6 : { »

status : affected (string)

version : 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (string)

lessThan : f694da720dcf795dc3eb97bf76d220213f76aaa7 (string)

versionType : git (string)

}

7 : { »

status : affected (string)

version : 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (string)

lessThan : e9730744bf3af04cda23799029342aa3cddbc454 (string)

versionType : git (string)

}

]

programFiles : [ »

0 : kernel/debug/kdb/kdb_io.c (string)

]

defaultStatus : unaffected (string)

}

1 : { »

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

vendor : Linux (string)

product : Linux (string)

versions : [ »

0 : { »

status : unaffected (string)

version : 4.19.316 (string)

versionType : semver (string)

lessThanOrEqual : 4.19.* (string)

}

1 : { »

status : unaffected (string)

version : 5.4.278 (string)

versionType : semver (string)

lessThanOrEqual : 5.4.* (string)

}

2 : { »

status : unaffected (string)

version : 5.10.219 (string)

versionType : semver (string)

lessThanOrEqual : 5.10.* (string)

}

3 : { »

status : unaffected (string)

version : 5.15.161 (string)

versionType : semver (string)

lessThanOrEqual : 5.15.* (string)

}

4 : { »

status : unaffected (string)

version : 6.1.94 (string)

versionType : semver (string)

lessThanOrEqual : 6.1.* (string)

}

5 : { »

status : unaffected (string)

version : 6.6.34 (string)

versionType : semver (string)

lessThanOrEqual : 6.6.* (string)

}

6 : { »

status : unaffected (string)

version : 6.9.5 (string)

versionType : semver (string)

lessThanOrEqual : 6.9.* (string)

}

7 : { »

status : unaffected (string)

version : 6.10 (string)

versionType : original_commit_for_fix (string)

lessThanOrEqual : * (string)

}

]

programFiles : [ »

0 : kernel/debug/kdb/kdb_io.c (string)

]

defaultStatus : affected (string)

}

]

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/fb824a99e148ff272a53d71d84122728b5f00992 (string)

}

1 : { »

url : https://git.kernel.org/stable/c/ddd2972d8e2dee3b33e8121669d55def59f0be8a (string)

}

2 : { »

url : https://git.kernel.org/stable/c/cfdc2fa4db57503bc6d3817240547c8ddc55fa96 (string)

}

3 : { »

url : https://git.kernel.org/stable/c/f636a40834d22e5e3fc748f060211879c056cd33 (string)

}

4 : { »

url : https://git.kernel.org/stable/c/33d9c814652b971461d1e30bead6792851c209e7 (string)

}

5 : { »

url : https://git.kernel.org/stable/c/107e825cc448b7834b31e8b1b3cf0f57426d46d5 (string)

}

6 : { »

url : https://git.kernel.org/stable/c/f694da720dcf795dc3eb97bf76d220213f76aaa7 (string)

}

7 : { »

url : https://git.kernel.org/stable/c/e9730744bf3af04cda23799029342aa3cddbc454 (string)

}

]

x_generator : { »

engine : bippy-1.2.0 (string)

}

descriptions : [ »

0 : { »

lang : en (string)

}

]

cpeApplicability : [ »

0 : { »

nodes : [ »

0 : { »

negate : false (boolean)

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 4.19.316 (string)

}

1 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 5.4.278 (string)

}

2 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 5.10.219 (string)

}

3 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 5.15.161 (string)

}

4 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 6.1.94 (string)

}

5 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 6.6.34 (string)

}

6 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 6.9.5 (string)

}

7 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 6.10 (string)

}

]

operator : OR (string)

}

]

}

]

providerMetadata : { »

orgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

shortName : Linux (string)

dateUpdated : 2025-05-04T09:16:41.644Z (string)

}

cveMetadata : { »

cveId : CVE-2024-39480 (string)

state : PUBLISHED (string)

dateUpdated : 2025-05-04T09:16:41.644Z (string)

dateReserved : 2024-06-25T14:23:23.746Z (string)

assignerOrgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

datePublished : 2024-07-05T06:55:09.241Z (string)

assignerShortName : Linux (string)

}

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "34445C8D-D7E6-4796-B792-C9257E89257B", "versionEndExcluding": "4.19.316", "versionStartIncluding": "4.19", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "8E2371B0-4787-4038-B526-021D4CF93B31", "versionEndExcluding": "5.4.278", "versionStartIncluding": "5.4", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "5311C980-4CDF-4C10-8875-F04ED0F03398", "versionEndExcluding": "5.10.219", "versionStartIncluding": "5.10", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "E2AB5A01-EFFD-4A24-8CCB-4A016C8C4BB3", "versionEndExcluding": "5.15.161", "versionStartIncluding": "5.15", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "B5A86346-2984-4261-AC12-29EACB186000", "versionEndExcluding": "6.1.94", "versionStartIncluding": "6.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "AC0C6E24-8240-425A-BD1A-F78E6D3A67FC", "versionEndExcluding": "6.6.34", "versionStartIncluding": "6.6", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "54EDFD02-25E6-4BC8-9AD0-0A59881F400A", "versionEndExcluding": "6.9.5", "versionStartIncluding": "6.9", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nkdb: Fix buffer overflow during tab-complete\n\nCurrently, when the user attempts symbol completion with the Tab key, kdb\nwill use strncpy() to insert the completed symbol into the command buffer.\nUnfortunately it passes the size of the source buffer rather than the\ndestination to strncpy() with predictably horrible results. Most obviously\nif the command buffer is already full but cp, the cursor position, is in\nthe middle of the buffer, then we will write past the end of the supplied\nbuffer.\n\nFix this by replacing the dubious strncpy() calls with memmove()/memcpy()\ncalls plus explicit boundary checks to make sure we have enough space\nbefore we start moving characters around."}, {"lang": "es", "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: kdb: corrige el desbordamiento del b\u00fafer durante la finalizaci\u00f3n de tabulaci\u00f3n Actualmente, cuando el usuario intenta completar el s\u00edmbolo con la tecla Tab, kdb usar\u00e1 strncpy() para insertar el s\u00edmbolo completado en el b\u00fafer de comando. Desafortunadamente, pasa el tama\u00f1o del b\u00fafer de origen en lugar del destino a strncpy() con resultados predeciblemente horribles. Lo m\u00e1s obvio es que si el b\u00fafer de comando ya est\u00e1 lleno pero cp, la posici\u00f3n del cursor, est\u00e1 en el medio del b\u00fafer, entonces escribiremos m\u00e1s all\u00e1 del final del b\u00fafer proporcionado. Solucione este problema reemplazando las dudosas llamadas strncpy() con llamadas memmove()/memcpy() m\u00e1s comprobaciones expl\u00edcitas de los l\u00edmites para asegurarnos de que tenemos suficiente espacio antes de comenzar a mover los personajes."}], "id": "CVE-2024-39480", "lastModified": "2024-11-21T09:27:46.630", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-07-05T07:15:10.590", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/107e825cc448b7834b31e8b1b3cf0f57426d46d5"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/33d9c814652b971461d1e30bead6792851c209e7"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/cfdc2fa4db57503bc6d3817240547c8ddc55fa96"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/ddd2972d8e2dee3b33e8121669d55def59f0be8a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/e9730744bf3af04cda23799029342aa3cddbc454"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/f636a40834d22e5e3fc748f060211879c056cd33"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/f694da720dcf795dc3eb97bf76d220213f76aaa7"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/fb824a99e148ff272a53d71d84122728b5f00992"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/107e825cc448b7834b31e8b1b3cf0f57426d46d5"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/33d9c814652b971461d1e30bead6792851c209e7"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/cfdc2fa4db57503bc6d3817240547c8ddc55fa96"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/ddd2972d8e2dee3b33e8121669d55def59f0be8a"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/e9730744bf3af04cda23799029342aa3cddbc454"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/f636a40834d22e5e3fc748f060211879c056cd33"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/f694da720dcf795dc3eb97bf76d220213f76aaa7"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/fb824a99e148ff272a53d71d84122728b5f00992"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-120"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-121"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 34445C8D-D7E6-4796-B792-C9257E89257B (string)

versionEndExcluding : 4.19.316 (string)

versionStartIncluding : 4.19 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 8E2371B0-4787-4038-B526-021D4CF93B31 (string)

versionEndExcluding : 5.4.278 (string)

versionStartIncluding : 5.4 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 5311C980-4CDF-4C10-8875-F04ED0F03398 (string)

versionEndExcluding : 5.10.219 (string)

versionStartIncluding : 5.10 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : E2AB5A01-EFFD-4A24-8CCB-4A016C8C4BB3 (string)

versionEndExcluding : 5.15.161 (string)

versionStartIncluding : 5.15 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : B5A86346-2984-4261-AC12-29EACB186000 (string)

versionEndExcluding : 6.1.94 (string)

versionStartIncluding : 6.1 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : AC0C6E24-8240-425A-BD1A-F78E6D3A67FC (string)

versionEndExcluding : 6.6.34 (string)

versionStartIncluding : 6.6 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 54EDFD02-25E6-4BC8-9AD0-0A59881F400A (string)

versionEndExcluding : 6.9.5 (string)

versionStartIncluding : 6.9 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

}

1 : { »

lang : es (string)

value : En el kernel de Linux, se resolvió la siguiente vulnerabilidad: kdb: corrige el desbordamiento del búfer durante la finalización de tabulación Actualmente, cuando el usuario intenta completar el símbolo con la tecla Tab, kdb usará strncpy() para insertar el símbolo completado en el búfer de comando. Desafortunadamente, pasa el tamaño del búfer de origen en lugar del destino a strncpy() con resultados predeciblemente horribles. Lo más obvio es que si el búfer de comando ya está lleno pero cp, la posición del cursor, está en el medio del búfer, entonces escribiremos más allá del final del búfer proporcionado. Solucione este problema reemplazando las dudosas llamadas strncpy() con llamadas memmove()/memcpy() más comprobaciones explícitas de los límites para asegurarnos de que tenemos suficiente espacio antes de comenzar a mover los personajes. (string)

}

]

id : CVE-2024-39480 (string)

lastModified : 2024-11-21T09:27:46.630 (string)

metrics : { »

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : LOCAL (string)

availabilityImpact : HIGH (string)

baseScore : 7.8 (number)

baseSeverity : HIGH (string)

confidentialityImpact : HIGH (string)

integrityImpact : HIGH (string)

privilegesRequired : LOW (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 1.8 (number)

impactScore : 5.9 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

1 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : LOCAL (string)

availabilityImpact : HIGH (string)

baseScore : 7.8 (number)

baseSeverity : HIGH (string)

confidentialityImpact : HIGH (string)

integrityImpact : HIGH (string)

privilegesRequired : LOW (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 1.8 (number)

impactScore : 5.9 (number)

source : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

type : Secondary (string)

}

]

}

published : 2024-07-05T07:15:10.590 (string)

references : [ »

0 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Mailing List (string)

1 : Patch (string)

]

url : https://git.kernel.org/stable/c/107e825cc448b7834b31e8b1b3cf0f57426d46d5 (string)

}

1 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Mailing List (string)

1 : Patch (string)

]

url : https://git.kernel.org/stable/c/33d9c814652b971461d1e30bead6792851c209e7 (string)

}

2 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Mailing List (string)

1 : Patch (string)

]

url : https://git.kernel.org/stable/c/cfdc2fa4db57503bc6d3817240547c8ddc55fa96 (string)

}

3 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Mailing List (string)

1 : Patch (string)

]

url : https://git.kernel.org/stable/c/ddd2972d8e2dee3b33e8121669d55def59f0be8a (string)

}

4 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Mailing List (string)

1 : Patch (string)

]

url : https://git.kernel.org/stable/c/e9730744bf3af04cda23799029342aa3cddbc454 (string)

}

5 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Mailing List (string)

1 : Patch (string)

]

url : https://git.kernel.org/stable/c/f636a40834d22e5e3fc748f060211879c056cd33 (string)

}

6 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Mailing List (string)

1 : Patch (string)

]

url : https://git.kernel.org/stable/c/f694da720dcf795dc3eb97bf76d220213f76aaa7 (string)

}

7 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Mailing List (string)

1 : Patch (string)

]

url : https://git.kernel.org/stable/c/fb824a99e148ff272a53d71d84122728b5f00992 (string)

}

8 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Mailing List (string)

1 : Patch (string)

]

url : https://git.kernel.org/stable/c/107e825cc448b7834b31e8b1b3cf0f57426d46d5 (string)

}

9 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Mailing List (string)

1 : Patch (string)

]

url : https://git.kernel.org/stable/c/33d9c814652b971461d1e30bead6792851c209e7 (string)

}

10 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Mailing List (string)

1 : Patch (string)

]

url : https://git.kernel.org/stable/c/cfdc2fa4db57503bc6d3817240547c8ddc55fa96 (string)

}

11 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Mailing List (string)

1 : Patch (string)

]

url : https://git.kernel.org/stable/c/ddd2972d8e2dee3b33e8121669d55def59f0be8a (string)

}

12 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Mailing List (string)

1 : Patch (string)

]

url : https://git.kernel.org/stable/c/e9730744bf3af04cda23799029342aa3cddbc454 (string)

}

13 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Mailing List (string)

1 : Patch (string)

]

url : https://git.kernel.org/stable/c/f636a40834d22e5e3fc748f060211879c056cd33 (string)

}

14 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Mailing List (string)

1 : Patch (string)

]

url : https://git.kernel.org/stable/c/f694da720dcf795dc3eb97bf76d220213f76aaa7 (string)

}

15 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Mailing List (string)

1 : Patch (string)

]

url : https://git.kernel.org/stable/c/fb824a99e148ff272a53d71d84122728b5f00992 (string)

}

]

sourceIdentifier : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-120 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

1 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-121 (string)

}

]

source : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

type : Secondary (string)

}

]

}

Show plain JSON

{"bugzilla": {"description": "kernel: kdb: Fix buffer overflow during tab-complete", "id": "2296056", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2296056"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.4", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-121", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nkdb: Fix buffer overflow during tab-complete\nCurrently, when the user attempts symbol completion with the Tab key, kdb\nwill use strncpy() to insert the completed symbol into the command buffer.\nUnfortunately it passes the size of the source buffer rather than the\ndestination to strncpy() with predictably horrible results. Most obviously\nif the command buffer is already full but cp, the cursor position, is in\nthe middle of the buffer, then we will write past the end of the supplied\nbuffer.\nFix this by replacing the dubious strncpy() calls with memmove()/memcpy()\ncalls plus explicit boundary checks to make sure we have enough space\nbefore we start moving characters around."], "name": "CVE-2024-39480", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-07-05T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-39480\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-39480\nhttps://lore.kernel.org/linux-cve-announce/2024070519-CVE-2024-39480-b85a@gregkh/T"], "threat_severity": "Low"}

{

bugzilla : { »

description : kernel: kdb: Fix buffer overflow during tab-complete (string)

id : 2296056 (string)

url : https://bugzilla.redhat.com/show_bug.cgi?id=2296056 (string)

}

csaw : false (boolean)

cvss3 : { »

cvss3_base_score : 4.4 (string)

cvss3_scoring_vector : CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H (string)

status : draft (string)

}

cwe : CWE-121 (string)

details : [ »

0 : In the Linux kernel, the following vulnerability has been resolved: kdb: Fix buffer overflow during tab-complete Currently, when the user attempts symbol completion with the Tab key, kdb will use strncpy() to insert the completed symbol into the command buffer. Unfortunately it passes the size of the source buffer rather than the destination to strncpy() with predictably horrible results. Most obviously if the command buffer is already full but cp, the cursor position, is in the middle of the buffer, then we will write past the end of the supplied buffer. Fix this by replacing the dubious strncpy() calls with memmove()/memcpy() calls plus explicit boundary checks to make sure we have enough space before we start moving characters around. (string)

]

name : CVE-2024-39480 (string)

package_state : [ »

0 : { »

cpe : cpe:/o:redhat:enterprise_linux:6 (string)

fix_state : Not affected (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 6 (string)

}

1 : { »

cpe : cpe:/o:redhat:enterprise_linux:7 (string)

fix_state : Out of support scope (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 7 (string)

}

2 : { »

cpe : cpe:/o:redhat:enterprise_linux:7 (string)

fix_state : Out of support scope (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 7 (string)

}

3 : { »

cpe : cpe:/o:redhat:enterprise_linux:8 (string)

fix_state : Fix deferred (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 8 (string)

}

4 : { »

cpe : cpe:/o:redhat:enterprise_linux:8 (string)

fix_state : Fix deferred (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 8 (string)

}

5 : { »

cpe : cpe:/o:redhat:enterprise_linux:9 (string)

fix_state : Fix deferred (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 9 (string)

}

6 : { »

cpe : cpe:/o:redhat:enterprise_linux:9 (string)

fix_state : Fix deferred (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 9 (string)

}

]

public_date : 2024-07-05T00:00:00Z (string)

references : [ »

0 : https://www.cve.org/CVERecord?id=CVE-2024-39480 https://nvd.nist.gov/vuln/detail/CVE-2024-39480 https://lore.kernel.org/linux-cve-announce/2024070519-CVE-2024-39480-b85a@gregkh/T (string)

]

threat_severity : Low (string)

}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact total

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object