Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2024-26926
HistoryApr 25, 2024 - 12:00 a.m.

CVE-2024-26926

2024-04-2500:00:00
ubuntu.com
ubuntu.com
5
linux
kernel
binder
offset alignment
vulnerability

AI Score

6.1

Confidence

High

EPSS

0

Percentile

10.3%

JSON

In the Linux kernel, the following vulnerability has been resolved: binder:
check offset alignment in binder_get_object() Commit 6d98eb95b450 (β€œbinder:
avoid potential data leakage when copying txn”) introduced changes to how
binder objects are copied. In doing so, it unintentionally removed an
offset alignment check done through calls to
binder_alloc_copy_from_buffer() -> check_buffer(). These calls were
replaced in binder_get_object() with copy_from_user(), so now an explicit
offset alignment check is needed here. This avoids later complications when
unwinding the objects gets harder. It is worth noting this check existed
prior to commit 7a67a39320df (β€œbinder: add function to copy binder object
from buffer”), likely removed due to redundancy at the time.

OSVersionArchitecturePackageVersionFilename
ubuntu20.04noarchlinux<Β 5.4.0-189.209UNKNOWN
ubuntu22.04noarchlinux<Β 5.15.0-116.126UNKNOWN
ubuntu23.10noarchlinux<Β 6.5.0-44.44UNKNOWN
ubuntu24.04noarchlinux<Β 6.8.0-38.38UNKNOWN
ubuntu20.04noarchlinux-aws<Β 5.4.0-1128.138UNKNOWN
ubuntu22.04noarchlinux-aws<Β 5.15.0-1065.71UNKNOWN
ubuntu24.04noarchlinux-aws<Β 6.8.0-1011.12UNKNOWN
ubuntu20.04noarchlinux-aws-5.15<Β 5.15.0-1065.71~20.04.1UNKNOWN
ubuntu18.04noarchlinux-aws-5.4<Β anyUNKNOWN
ubuntu22.04noarchlinux-aws-6.5<Β 6.5.0-1023.23~22.04.1UNKNOWN
Rows per page:
1-10 of 701

References

Related

osv 27
redhatcve 1
nvd 1
cvelist 1
debiancve 1
cve 1
vulnrichment 1
androidsecurity 1
openvas 25
nessus 27
debian 2
ubuntu 21
osv
osv
CVE-2024-26926
2024-04-25 06:15:00
Unintend failure in binder_transaction lead to ref->proc UAF
2024-06-01 00:00:00
linux - security update
2024-05-06 00:00:00
redhatcve
redhatcve
CVE-2024-26926
2024-04-25 14:39:24
nvd
nvd
CVE-2024-26926
2024-04-25 06:15:57
cvelist
cvelist
CVE-2024-26926 binder: check offset alignment in binder_get_object()
2024-04-24 23:23:40
debiancve
debiancve
CVE-2024-26926
2024-04-25 06:15:57
cve
cve
CVE-2024-26926
2024-04-25 06:15:57
vulnrichment
vulnrichment
CVE-2024-26926 binder: check offset alignment in binder_get_object()
2024-04-24 23:23:40
androidsecurity
androidsecurity
Android Security Bulletinβ€”June 2024
2024-06-03 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-5680-1)
2024-05-07 00:00:00
Ubuntu: Security Advisory (USN-6895-1)
2024-07-15 00:00:00
Ubuntu: Security Advisory (USN-6895-2)
2024-07-17 00:00:00
nessus
nessus
Debian dsa-5680 : affs-modules-6.1.0-21-4kc-malta-di - security update
2024-05-06 00:00:00
Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-6895-4)
2024-08-02 00:00:00
Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-6895-3)
2024-07-19 00:00:00
debian
debian
[SECURITY] [DSA 5680-1] linux security update
2024-05-06 17:40:02
[SECURITY] [DSA 5681-1] linux security update
2024-05-06 18:31:39
ubuntu
ubuntu
Linux kernel vulnerabilities
2024-07-16 00:00:00
Linux kernel vulnerabilities
2024-07-19 00:00:00
Linux kernel vulnerabilities
2024-07-12 00:00:00

AI Score

6.1

Confidence

High

EPSS

0

Percentile

10.3%

JSON
Related for UB:CVE-2024-26926
osv27redhatcve1nvd1cvelist1debiancve1cve1vulnrichment1androidsecurity1openvas25nessus27debian2ubuntu21