Lucene search
LinuxCVELIST:CVE-2024-46697HistorySep 13, 2024 - 5:29 a.m.
CVE-2024-46697 nfsd: ensure that nfsd4_fattr_args.context is zeroed out
2024-09-1305:29:24
Linux
www.cve.org
3
linux kernel
vulnerability
nfsd
security
context
stack
initialization
EPSS
0
Percentile
9.6%
In the Linux kernel, the following vulnerability has been resolved:
nfsd: ensure that nfsd4_fattr_args.context is zeroed out
If nfsd4_encode_fattr4 ends up doing a “goto out” before we get to
checking for the security label, then args.context will be set to
uninitialized junk on the stack, which we’ll then try to free.
Initialize it early.
CNA Affected
[
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "unaffected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"fs/nfsd/nfs4xdr.c"
],
"versions": [
{
"version": "f59388a579c6",
"lessThan": "dd65b324174a",
"status": "affected",
"versionType": "git"
},
{
"version": "f59388a579c6",
"lessThan": "f58bab6fd406",
"status": "affected",
"versionType": "git"
}
]
},
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "affected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"fs/nfsd/nfs4xdr.c"
],
"versions": [
{
"version": "6.7",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.7",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10.8",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.11",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
]
}
]Related
nvd
nvd
CVE-2024-46697
2024-09-13 06:15:14
osv
osv
CVE-2024-46697
2024-09-13 06:15:14
cve
cve
CVE-2024-46697
2024-09-13 06:15:14
debiancve
debiancve
CVE-2024-46697
2024-09-13 06:15:14