Lucene search
LinuxCVE-2024-46697HistorySep 13, 2024 - 6:15 a.m.
CVE-2024-46697
2024-09-1306:15:14
Linux
web.nvd.nist.gov
26
linux kernel
cve-2024-46697
vulnerability
nfsd
nfsd4_fattr_args
context
In the Linux kernel, the following vulnerability has been resolved:
nfsd: ensure that nfsd4_fattr_args.context is zeroed out
If nfsd4_encode_fattr4 ends up doing a “goto out” before we get to
checking for the security label, then args.context will be set to
uninitialized junk on the stack, which we’ll then try to free.
Initialize it early.
Affected configurations
Node
linuxlinux_kernelRange6.7–6.10.8
ORlinuxlinux_kernelRange6.11.0≥
| Vendor | Product | Version | CPE |
|---|---|---|---|
| linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "unaffected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"fs/nfsd/nfs4xdr.c"
],
"versions": [
{
"version": "f59388a579c6",
"lessThan": "dd65b324174a",
"status": "affected",
"versionType": "git"
},
{
"version": "f59388a579c6",
"lessThan": "f58bab6fd406",
"status": "affected",
"versionType": "git"
}
]
},
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "affected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"fs/nfsd/nfs4xdr.c"
],
"versions": [
{
"version": "6.7",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.7",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.8",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
]
}
]Related
debiancve
debiancve
CVE-2024-46697
2024-09-13 06:15:14
cvelist
cvelist
CVE-2024-46697 nfsd: ensure that nfsd4_fattr_args.context is zeroed out
2024-09-13 05:29:24
nvd
nvd
CVE-2024-46697
2024-09-13 06:15:14
osv
osv
CVE-2024-46697
2024-09-13 06:15:14