Lucene search
LinuxVULNRICHMENT:CVE-2024-42237HistoryAug 07, 2024 - 3:14 p.m.
CVE-2024-42237 firmware: cs_dsp: Validate payload length before processing block
2024-08-0715:14:26
Linux
github.com
2
linux kernel
firmware
cs_dsp
payload length
vulnerability
block processing
length validation
In the Linux kernel, the following vulnerability has been resolved:
firmware: cs_dsp: Validate payload length before processing block
Move the payload length check in cs_dsp_load() and cs_dsp_coeff_load()
to be done before the block is processed.
The check that the length of a block payload does not exceed the number
of remaining bytes in the firwmware file buffer was being done near the
end of the loop iteration. However, some code before that check used the
length field without validating it.
Related
cvelist
cvelist
cbl_mariner
cbl_mariner
CVE-2024-42237 affecting package kernel for versions less than 5.15.164.1-1
2024-08-20 21:54:44
CVE-2024-42237 affecting package kernel for versions less than 6.6.43.1-7
2024-08-14 20:43:58
ubuntucve
ubuntucve
CVE-2024-42237
2024-08-07 00:00:00
cve
cve
CVE-2024-42237
2024-08-07 16:15:46
debiancve
debiancve
CVE-2024-42237
2024-08-07 16:15:46
nessus
nessus
CBL Mariner 2.0 Security Update: kernel (CVE-2024-42237)
2024-08-11 00:00:00
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:3190-1)
2024-09-11 00:00:00
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:3209-1)
2024-09-12 00:00:00
redhatcve
redhatcve
CVE-2024-42237
2024-08-08 17:45:29
nvd
nvd
CVE-2024-42237
2024-08-07 16:15:46
osv
osv
CVE-2024-42237
2024-08-07 16:15:46
Security update for the Linux Kernel
2024-09-10 08:46:37
Security update for the Linux Kernel
2024-09-11 15:39:03
AI Score
7.2
Confidence
Low
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
Related for VULNRICHMENT:CVE-2024-42237