Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2024-36883
HistoryMay 30, 2024 - 12:00 a.m.

CVE-2024-36883

2024-05-3000:00:00
ubuntu.com
ubuntu.com
7
linux kernel
vulnerability
net
out-of-bounds access
ops_init
net_alloc_generic
pernet_ops_rwsem
array
thread
fix

AI Score

8.4

Confidence

High

EPSS

0

Percentile

13.0%

JSON

In the Linux kernel, the following vulnerability has been resolved: net:
fix out-of-bounds access in ops_init net_alloc_generic is called by
net_alloc, which is called without any locking. It reads max_gen_ptrs,
which is changed under pernet_ops_rwsem. It is read twice, first to
allocate an array, then to set s.len, which is later used to limit the
bounds of the array access. It is possible that the array is allocated and
another thread is registering a new pernet ops, increments max_gen_ptrs,
which is then used to set s.len with a larger than allocated length for the
variable array. Fix it by reading max_gen_ptrs only once in
net_alloc_generic. If max_gen_ptrs is later incremented, it will be caught
in net_assign_generic.

Related

vulnrichment 1
debiancve 1
redhatcve 1
cvelist 1
osv 26
cve 1
nvd 1
cloudlinux 1
nessus 47
redhat 7
redos 1
amazon 1
rocky 2
oraclelinux 3
debian 1
openvas 31
ubuntu 16
almalinux 2
mageia 2
vulnrichment
vulnrichment
CVE-2024-36883 net: fix out-of-bounds access in ops_init
2024-05-30 15:28:53
debiancve
debiancve
CVE-2024-36883
2024-05-30 16:15:11
redhatcve
redhatcve
CVE-2024-36883
2024-06-02 15:30:16
cvelist
cvelist
CVE-2024-36883 net: fix out-of-bounds access in ops_init
2024-05-30 15:28:53
osv
osv
CVE-2024-36883
2024-05-30 16:15:00
Moderate: kernel security update
2024-09-17 00:57:55
Moderate: kernel security update
2024-09-17 00:55:50
cve
cve
CVE-2024-36883
2024-05-30 16:15:11
nvd
nvd
CVE-2024-36883
2024-05-30 16:15:11
cloudlinux
cloudlinux
kernel: Fix of 8 CVEs
2024-09-18 10:24:56
nessus
nessus
RHEL 9 : kernel-rt (RHSA-2024:5673)
2024-08-25 00:00:00
RHEL 9 : kernel (RHSA-2024:5672)
2024-08-25 00:00:00
Amazon Linux 2 : kernel (ALASKERNEL-5.4-2024-069)
2024-05-31 00:00:00
redhat
redhat
(RHSA-2024:5673) Important: kernel-rt security update
2024-08-21 00:10:13
(RHSA-2024:5672) Important: kernel security update
2024-08-21 00:10:06
(RHSA-2024:6567) Moderate: kernel security update
2024-09-11 00:05:08
redos
redos
ROS-20240905-04
2024-09-05 00:00:00
amazon
amazon
Important: kernel
2024-06-19 19:15:00
rocky
rocky
kernel security update
2024-09-17 00:55:50
kernel security update
2024-09-17 00:57:55
oraclelinux
oraclelinux
kernel security update
2024-09-11 00:00:00
Unbreakable Enterprise kernel security update
2024-09-02 00:00:00
kernel security update
2024-09-24 00:00:00
debian
debian
[SECURITY] [DSA 5703-1] linux security update
2024-06-02 17:04:56
openvas
openvas
Debian: Security Advisory (DSA-5703-1)
2024-07-01 00:00:00
Debian: Security Advisory (DLA-3843-1)
2024-07-01 00:00:00
Ubuntu: Security Advisory (USN-6950-1)
2024-08-09 00:00:00
ubuntu
ubuntu
Linux kernel (Oracle) vulnerabilities
2024-08-13 00:00:00
Linux kernel vulnerabilities
2024-08-13 00:00:00
Linux kernel vulnerabilities
2024-08-08 00:00:00
almalinux
almalinux
Important: kernel-rt security update
2024-09-24 00:00:00
Important: kernel security update
2024-09-24 00:00:00
mageia
mageia
Updated kernel-linus packages fix security vulnerabilities
2024-07-14 08:23:38
Updated kernel kmod-xtables-addons kmod-virtualbox dwarves packages fix security vulnerabilities
2024-07-13 10:54:44

AI Score

8.4

Confidence

High

EPSS

0

Percentile

13.0%

JSON
Related for UB:CVE-2024-36883
vulnrichment1debiancve1redhatcve1cvelist1osv26cve1nvd1cloudlinux1nessus47redhat7redos1amazon1rocky2oraclelinux3debian1openvas31ubuntu16almalinux2mageia2