In the Linux kernel, the following vulnerability has been resolved: jfs: xattr: fix buffer overflow for invalid xattr When an xattr size is not what is expected, it is printed out to the kernel log in hex format as a form of debugging. But when that xattr size is bigger than the expected size, printing it out can cause an access off the end of the buffer. Fix this all up by properly restricting the size of the debug hex dump in the kernel log.
History

Fri, 20 Dec 2024 08:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 20 Aug 2024 15:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-121

cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-07-12T12:20:43.508Z

Updated: 2024-12-19T09:07:40.030Z

Reserved: 2024-07-12T12:17:45.579Z

Link: CVE-2024-40902

cve-icon Vulnrichment

Updated: 2024-08-02T04:39:55.415Z

cve-icon NVD

Status : Modified

Published: 2024-07-12T13:15:13.583

Modified: 2024-11-21T09:31:49.273

Link: CVE-2024-40902

cve-icon Redhat

Severity : Moderate

Publid Date: 2024-07-12T00:00:00Z

Links: CVE-2024-40902 - Bugzilla