LinuxVULNRICHMENT:CVE-2024-38587CVE-2024-38587 speakup: Fix sizeof() vs ARRAY_SIZE() bug
In the Linux kernel, the following vulnerability has been resolved:
speakup: Fix sizeof() vs ARRAY_SIZE() bug
The “buf” pointer is an array of u16 values. This code should be
using ARRAY_SIZE() (which is 256) instead of sizeof() (which is 512),
otherwise it can the still got out of bounds.
CNA Affected
[
{
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"product": "Linux",
"versions": [
{
"status": "affected",
"version": "756c5cb7c09e",
"lessThan": "42f0a3f67158",
"versionType": "git"
},
{
"status": "affected",
"version": "8f6b62125bef",
"lessThan": "cd7f3978c2ec",
"versionType": "git"
},
{
"status": "affected",
"version": "6401038acfa2",
"lessThan": "07ef95cc7a57",
"versionType": "git"
},
{
"status": "affected",
"version": "0d130158db29",
"lessThan": "504178fb7d9f",
"versionType": "git"
},
{
"status": "affected",
"version": "89af25bd4b4b",
"lessThan": "3726f75a1ccc",
"versionType": "git"
},
{
"status": "affected",
"version": "8defb1d22ba0",
"lessThan": "c6e1650cf5df",
"versionType": "git"
},
{
"status": "affected",
"version": "0efb15c14c49",
"lessThan": "eb1ea64328d4",
"versionType": "git"
},
{
"status": "affected",
"version": "c8d2f34ea96e",
"lessThan": "d52c04474fea",
"versionType": "git"
},
{
"status": "affected",
"version": "c8d2f34ea96e",
"lessThan": "008ab3c53bc4",
"versionType": "git"
}
],
"programFiles": [
"drivers/accessibility/speakup/main.c"
],
"defaultStatus": "unaffected"
},
{
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"product": "Linux",
"versions": [
{
"status": "affected",
"version": "6.9"
},
{
"status": "unaffected",
"version": "0",
"lessThan": "6.9",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "4.19.316",
"versionType": "custom",
"lessThanOrEqual": "4.19.*"
},
{
"status": "unaffected",
"version": "5.4.278",
"versionType": "custom",
"lessThanOrEqual": "5.4.*"
},
{
"status": "unaffected",
"version": "5.10.219",
"versionType": "custom",
"lessThanOrEqual": "5.10.*"
},
{
"status": "unaffected",
"version": "5.15.161",
"versionType": "custom",
"lessThanOrEqual": "5.15.*"
},
{
"status": "unaffected",
"version": "6.1.93",
"versionType": "custom",
"lessThanOrEqual": "6.1.*"
},
{
"status": "unaffected",
"version": "6.6.33",
"versionType": "custom",
"lessThanOrEqual": "6.6.*"
},
{
"status": "unaffected",
"version": "6.8.12",
"versionType": "custom",
"lessThanOrEqual": "6.8.*"
},
{
"status": "unaffected",
"version": "6.9.3",
"versionType": "custom",
"lessThanOrEqual": "6.9.*"
},
{
"status": "unaffected",
"version": "6.10-rc1",
"versionType": "original_commit_for_fix",
"lessThanOrEqual": "*"
}
],
"programFiles": [
"drivers/accessibility/speakup/main.c"
],
"defaultStatus": "affected"
}
]References
git.kernel.org/stable/c/008ab3c53bc4f0b2f20013c8f6c204a3203d0b8b
git.kernel.org/stable/c/07ef95cc7a579731198c93beed281e3a79a0e586
git.kernel.org/stable/c/3726f75a1ccc16cd335c0ccfad1d92ee08ecba5e
git.kernel.org/stable/c/42f0a3f67158ed6b2908d2b9ffbf7e96d23fd358
git.kernel.org/stable/c/504178fb7d9f6cdb0496d5491efb05f45597e535
git.kernel.org/stable/c/c6e1650cf5df1bd6638eeee231a683ef30c7d4eb
git.kernel.org/stable/c/cd7f3978c2ec741aedd1d860b2adb227314cf996
git.kernel.org/stable/c/d52c04474feac8e305814a5228e622afe481b2ef
git.kernel.org/stable/c/eb1ea64328d4cc7d7a912c563f8523d5259716ef
lists.debian.org/debian-lts-announce/2024/06/msg00020.html
Related
7.1 High
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
13.2%