Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2024-42265HistoryAug 17, 2024 - 9:15 a.m.
CVE-2024-42265
2024-08-1709:15:07
Debian Security Bug Tracker
security-tracker.debian.org
15
unix
information security
cve-2024-42265
In the Linux kernel, the following vulnerability has been resolved: protect the fetch of ->fd[fd] in do_dup2() from mispredictions both callers have verified that fd is not greater than ->max_fds; however, misprediction might end up with tofree = fdt->fd[fd]; being speculatively executed. That’s wrong for the same reasons why it’s wrong in close_fd()/file_close_fd_locked(); the same solution applies - array_index_nospec(fd, fdt->max_fds) could differ from fd only in case of speculative execution on mispredicted path.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | linux | < 6.1.106-1 | linux_6.1.106-1_all.deb |
| Debian | 11 | all | linux | <= 5.10.223-1 | linux_5.10.223-1_all.deb |
| Debian | 999 | all | linux | < 6.10.4-1 | linux_6.10.4-1_all.deb |
| Debian | 13 | all | linux | < 6.10.4-1 | linux_6.10.4-1_all.deb |
Related
cve
cve
CVE-2024-42265
2024-08-17 09:15:07
redhatcve
redhatcve
CVE-2024-42265
2024-08-19 15:56:34
ubuntucve
ubuntucve
CVE-2024-42265
2024-08-17 00:00:00
cvelist
cvelist
vulnrichment
vulnrichment
osv
osv
CVE-2024-42265
2024-08-17 09:15:07
nvd
nvd
CVE-2024-42265
2024-08-17 09:15:07
nessus
nessus
Photon OS 5.0: Linux PHSA-2024-5.0-0359
2024-09-06 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2024-5.0-0359
2024-08-28 00:00:00