In the Linux kernel, the following vulnerability has been resolved: crypto: qat/qat_420xx - fix off by one in uof_get_name() This is called from uof_get_name_420xx() where "num_objs" is the ARRAY_SIZE() of fw_objs[]. The > needs to be >= to prevent an out of bounds access.
History

Wed, 25 Dec 2024 13:30:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

threat_severity

Important


Tue, 24 Dec 2024 11:45:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: crypto: qat/qat_420xx - fix off by one in uof_get_name() This is called from uof_get_name_420xx() where "num_objs" is the ARRAY_SIZE() of fw_objs[]. The > needs to be >= to prevent an out of bounds access.
Title crypto: qat/qat_420xx - fix off by one in uof_get_name()
References

cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-12-24T11:29:19.315Z

Updated: 2024-12-24T11:29:19.315Z

Reserved: 2024-11-19T17:17:25.004Z

Link: CVE-2024-53163

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2024-12-24T12:15:24.670

Modified: 2024-12-24T12:15:24.670

Link: CVE-2024-53163

cve-icon Redhat

Severity : Important

Publid Date: 2024-12-24T00:00:00Z

Links: CVE-2024-53163 - Bugzilla