Lucene search
LinuxCVELIST:CVE-2024-41019HistoryJul 29, 2024 - 6:37 a.m.
CVE-2024-41019 fs/ntfs3: Validate ff offset
2024-07-2906:37:05
Linux
www.cve.org
7
linux kernel
ntfs3
validation
offset
out-of-bound read
EPSS
0
Percentile
10.7%
In the Linux kernel, the following vulnerability has been resolved:
fs/ntfs3: Validate ff offset
This adds sanity checks for ff offset. There is a check
on rt->first_free at first, but walking through by ff
without any check. If the second ff is a large offset.
We may encounter an out-of-bound read.
CNA Affected
[
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "unaffected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"fs/ntfs3/fslog.c"
],
"versions": [
{
"version": "1da177e4c3f4",
"lessThan": "35652dfa8cc9",
"status": "affected",
"versionType": "git"
},
{
"version": "1da177e4c3f4",
"lessThan": "818a25742864",
"status": "affected",
"versionType": "git"
},
{
"version": "1da177e4c3f4",
"lessThan": "6ae7265a7b81",
"status": "affected",
"versionType": "git"
},
{
"version": "1da177e4c3f4",
"lessThan": "82c94e6a7bd1",
"status": "affected",
"versionType": "git"
},
{
"version": "1da177e4c3f4",
"lessThan": "617cf144c206",
"status": "affected",
"versionType": "git"
},
{
"version": "1da177e4c3f4",
"lessThan": "50c47879650b",
"status": "affected",
"versionType": "git"
}
]
},
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "affected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"fs/ntfs3/fslog.c"
],
"versions": [
{
"version": "5.15.164",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.102",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.43",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.12",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.2",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
]
}
]References
git.kernel.org/stable/c/35652dfa8cc9a8a900ec0f1e0395781f94ffc5f0
git.kernel.org/stable/c/50c47879650b4c97836a0086632b3a2e300b0f06
git.kernel.org/stable/c/617cf144c206f98978ec730b17159344fd147cb4
git.kernel.org/stable/c/6ae7265a7b816879fd0203e83b5030d3720bbb7a
git.kernel.org/stable/c/818a257428644b8873e79c44404d8fb6598d4440
git.kernel.org/stable/c/82c94e6a7bd116724738aa67eba6f5fedf3a3319
Related
ubuntucve
ubuntucve
CVE-2024-41019
2024-07-29 00:00:00
redhatcve
redhatcve
CVE-2024-41019
2024-07-31 09:12:27
vulnrichment
vulnrichment
CVE-2024-41019 fs/ntfs3: Validate ff offset
2024-07-29 06:37:05
cve
cve
CVE-2024-41019
2024-07-29 07:15:07
nvd
nvd
CVE-2024-41019
2024-07-29 07:15:07
debiancve
debiancve
CVE-2024-41019
2024-07-29 07:15:07
osv
osv
CVE-2024-41019
2024-07-29 07:15:07
fedora
fedora
[SECURITY] Fedora 40 Update: kernel-6.9.12-200.fc40
2024-08-01 02:53:38
openvas
openvas
Fedora: Security Advisory (FEDORA-2024-873e2cb5f2)
2024-08-06 00:00:00
Mageia: Security Advisory (MGASA-2024-0277)
2024-08-07 00:00:00
Mageia: Security Advisory (MGASA-2024-0278)
2024-08-07 00:00:00
nessus
nessus
Fedora 40 : kernel (2024-873e2cb5f2)
2024-08-01 00:00:00
Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2024-679)
2024-08-06 00:00:00
Amazon Linux 2 : kernel (ALASKERNEL-5.15-2024-050)
2024-08-17 00:00:00
mageia
mageia
Updated kernel-linus packages fix security vulnerabilities
2024-08-07 08:49:38