6 matches found
CVE-2024-42130
A flaw was found in the Linux kernel's NFC subsystem, where the write call allows a mismatch between data length and count values. For example, a call with a data length of 3 bytes but a count of 15 could lead to inconsistencies in processing NFC packets. Mitigation Mitigation for this issue is...
CVE-2024-42130
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2024-42130
Removed by vendor...
CVE-2024-42130
...
CVE-2024-42130
CVE-2024-42130 is tied to Linux kernel 6.1 in the nfc/nci subsystem. The advisory notes an inconsistency check needed between input data length and count in write operations (nci_rf_intf_activated_ntf_packet), which could allow malformed data handling. The Astra Linux bulletin reports that this v...
CVE-2024-42130 nfc/nci: Add the inconsistency check between the input data length and count
In the Linux kernel, the following vulnerability has been resolved: nfc/nci: Add the inconsistency check between the input data length and count write$ncir0, &0x7f0000000740=ANY=@ANYBLOB="610501", 0xf Syzbot constructed a write call with a data length of 3 bytes but a count value of 15, which...