CVE-2024-38587
CVE-2024-38587 is a Linux kernel vulnerability where the Speakup code used sizeof() on a buf that is actually an array of 256 u16 values. The correct check is to use ARRAY_SIZE(), which yields 256, instead of sizeof() which yielded 512, avoiding a potential out-of-bounds access. The connected Nes...