In the Linux kernel, the following vulnerability has been resolved:
nfsd: ensure that nfsd4_fattr_args.context is zeroed out
If nfsd4_encode_fattr4 ends up doing a "goto out" before we get to
checking for the security label, then args.context will be set to
uninitialized junk on the stack, which we'll then try to free.
Initialize it early.
Metrics
Affected Vendors & Products
References
History
Thu, 19 Dec 2024 14:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat
Redhat enterprise Linux |
|
CPEs | cpe:/a:redhat:enterprise_linux:9 cpe:/o:redhat:enterprise_linux:9 |
|
Vendors & Products |
Redhat
Redhat enterprise Linux |
Wed, 06 Nov 2024 15:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-457 |
Sun, 29 Sep 2024 15:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Thu, 19 Sep 2024 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Linux
Linux linux Kernel |
|
Weaknesses | CWE-665 | |
CPEs | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.11:rc5:*:*:*:*:*:* |
|
Vendors & Products |
Linux
Linux linux Kernel |
Fri, 13 Sep 2024 23:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
| |
Metrics |
threat_severity
|
cvssV3_1
|
Fri, 13 Sep 2024 05:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | In the Linux kernel, the following vulnerability has been resolved: nfsd: ensure that nfsd4_fattr_args.context is zeroed out If nfsd4_encode_fattr4 ends up doing a "goto out" before we get to checking for the security label, then args.context will be set to uninitialized junk on the stack, which we'll then try to free. Initialize it early. | |
Title | nfsd: ensure that nfsd4_fattr_args.context is zeroed out | |
References |
|
MITRE
Status: PUBLISHED
Assigner: Linux
Published: 2024-09-13T05:29:24.787Z
Updated: 2024-12-19T09:21:11.823Z
Reserved: 2024-09-11T15:12:18.250Z
Link: CVE-2024-46697
Vulnrichment
Updated: 2024-09-29T15:05:20.313Z
NVD
Status : Analyzed
Published: 2024-09-13T06:15:14.500
Modified: 2024-09-19T17:53:43.173
Link: CVE-2024-46697
Redhat