CVE-2024-45008

🗓️ 04 Sep 2024 21:42:10Reported by redhat.comType

In Linux kernel, resolved vulnerability in input MT - limit max slots syzbot is reporting too large allocation at input_mt_init_slots(). Patch chose 1024 max slots for num_slots supplied from userspace using ioctl(UI_DEV_CREATE)

Reporter	Title	Published	Views	Family All 201
Tenable Nessus	Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2024-779)	11 Dec 202400:00	–	nessus
Tenable Nessus	Amazon Linux 2 : kernel, --advisory ALAS2-2024-2696 (ALAS-2024-2696)	14 Mar 202500:00	–	nessus
Tenable Nessus	Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.10-2024-071 (ALASKERNEL-5.10-2024-071)	2 Oct 202400:00	–	nessus
Tenable Nessus	Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.15-2025-064 (ALASKERNEL-5.15-2025-064)	27 Mar 202500:00	–	nessus
Tenable Nessus	Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.4-2024-085 (ALASKERNEL-5.4-2024-085)	18 Sep 202400:00	–	nessus
Tenable Nessus	Debian dla-3912 : ata-modules-5.10.0-29-armmp-di - security update	7 Oct 202400:00	–	nessus
Tenable Nessus	Debian dla-4008 : linux-config-6.1 - security update	3 Jan 202500:00	–	nessus
Tenable Nessus	Debian dsa-5782 : affs-modules-6.1.0-21-4kc-malta-di - security update	3 Oct 202400:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP12 : kernel (EulerOS-SA-2024-2938)	12 Dec 202400:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP12 : kernel (EulerOS-SA-2024-2953)	12 Dec 202400:00	–	nessus

Source	Link
cve	www.cve.org/CVERecord
nvd	www.nvd.nist.gov/vuln/detail/CVE-2024-45008
lore	www.lore.kernel.org/linux-cve-announce/2024090452-CVE-2024-45008-1d89@gregkh/T
bugzilla	www.bugzilla.redhat.com/show_bug.cgi

04 Nov 2024 09:05Current

7High risk

Vulners AI Score7

CVSS 3.15.5

EPSS0.00019

CWE-789