CVE-2024-36957

In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: avoid off-by-one read from userspace We try to access count + 1 byte from userspace with memdup_user(buffer, count + 1). However, the userspace only provides buffer of count bytes and only these count bytes are verified to be okay to access. To ensure the copied buffer is NUL terminated, we use memdup_user_nul instead.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/0a0285cee11c7dcc2657bcd456e469958a5009e7	Patch
https://git.kernel.org/stable/c/8f11fe3ea3fc261640cfc8a5addd838000407c67	Patch
https://git.kernel.org/stable/c/bcdac70adceb44373da204c3c297f2a98e13216e	Patch
https://git.kernel.org/stable/c/ec697fbd38cbe2eef0948b58673b146caa95402f	Patch
https://git.kernel.org/stable/c/f299ee709fb45036454ca11e90cb2810fe771878	Patch
https://git.kernel.org/stable/c/fc3e0076c1f82fe981d321e3a7bad4cbee542c19	Patch
https://git.kernel.org/stable/c/0a0285cee11c7dcc2657bcd456e469958a5009e7	Patch
https://git.kernel.org/stable/c/8f11fe3ea3fc261640cfc8a5addd838000407c67	Patch
https://git.kernel.org/stable/c/bcdac70adceb44373da204c3c297f2a98e13216e	Patch
https://git.kernel.org/stable/c/ec697fbd38cbe2eef0948b58673b146caa95402f	Patch
https://git.kernel.org/stable/c/f299ee709fb45036454ca11e90cb2810fe771878	Patch
https://git.kernel.org/stable/c/fc3e0076c1f82fe981d321e3a7bad4cbee542c19	Patch
https://lists.debian.org/debian-lts-announce/2024/06/msg00019.html	Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.9:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.9:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.9:rc3::::::
	cpe:2.3:o:linux:linux_kernel:6.9:rc4::::::
	cpe:2.3:o:linux:linux_kernel:6.9:rc5::::::
	cpe:2.3:o:linux:linux_kernel:6.9:rc6::::::

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

History

23 Dec 2025, 19:16

Type	Values Removed	Values Added
References	~~() https://git.kernel.org/stable/c/0a0285cee11c7dcc2657bcd456e469958a5009e7 -~~	() https://git.kernel.org/stable/c/0a0285cee11c7dcc2657bcd456e469958a5009e7 - Patch
References	~~() https://git.kernel.org/stable/c/8f11fe3ea3fc261640cfc8a5addd838000407c67 -~~	() https://git.kernel.org/stable/c/8f11fe3ea3fc261640cfc8a5addd838000407c67 - Patch
References	~~() https://git.kernel.org/stable/c/bcdac70adceb44373da204c3c297f2a98e13216e -~~	() https://git.kernel.org/stable/c/bcdac70adceb44373da204c3c297f2a98e13216e - Patch
References	~~() https://git.kernel.org/stable/c/ec697fbd38cbe2eef0948b58673b146caa95402f -~~	() https://git.kernel.org/stable/c/ec697fbd38cbe2eef0948b58673b146caa95402f - Patch
References	~~() https://git.kernel.org/stable/c/f299ee709fb45036454ca11e90cb2810fe771878 -~~	() https://git.kernel.org/stable/c/f299ee709fb45036454ca11e90cb2810fe771878 - Patch
References	~~() https://git.kernel.org/stable/c/fc3e0076c1f82fe981d321e3a7bad4cbee542c19 -~~	() https://git.kernel.org/stable/c/fc3e0076c1f82fe981d321e3a7bad4cbee542c19 - Patch
References	~~() https://lists.debian.org/debian-lts-announce/2024/06/msg00019.html -~~	() https://lists.debian.org/debian-lts-announce/2024/06/msg00019.html - Third Party Advisory
CWE		CWE-193
CPE		cpe:2.3:o:debian:debian_linux:10.0:::::::* cpe:2.3:o:linux:linux_kernel:6.9:rc3:::::: cpe:2.3:o:linux:linux_kernel:6.9:rc1:::::: cpe:2.3:o:linux:linux_kernel:6.9:rc4:::::: cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:6.9:rc6:::::: cpe:2.3:o:linux:linux_kernel:6.9:rc5:::::: cpe:2.3:o:linux:linux_kernel:6.9:rc2::::::
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
First Time		Linux Debian Debian debian Linux Linux linux Kernel

21 Nov 2024, 09:22

Type	Values Removed	Values Added
References		() https://lists.debian.org/debian-lts-announce/2024/06/msg00019.html -
References	~~() https://git.kernel.org/stable/c/0a0285cee11c7dcc2657bcd456e469958a5009e7 -~~	() https://git.kernel.org/stable/c/0a0285cee11c7dcc2657bcd456e469958a5009e7 -
References	~~() https://git.kernel.org/stable/c/8f11fe3ea3fc261640cfc8a5addd838000407c67 -~~	() https://git.kernel.org/stable/c/8f11fe3ea3fc261640cfc8a5addd838000407c67 -
References	~~() https://git.kernel.org/stable/c/bcdac70adceb44373da204c3c297f2a98e13216e -~~	() https://git.kernel.org/stable/c/bcdac70adceb44373da204c3c297f2a98e13216e -
References	~~() https://git.kernel.org/stable/c/ec697fbd38cbe2eef0948b58673b146caa95402f -~~	() https://git.kernel.org/stable/c/ec697fbd38cbe2eef0948b58673b146caa95402f -
References	~~() https://git.kernel.org/stable/c/f299ee709fb45036454ca11e90cb2810fe771878 -~~	() https://git.kernel.org/stable/c/f299ee709fb45036454ca11e90cb2810fe771878 -
References	~~() https://git.kernel.org/stable/c/fc3e0076c1f82fe981d321e3a7bad4cbee542c19 -~~	() https://git.kernel.org/stable/c/fc3e0076c1f82fe981d321e3a7bad4cbee542c19 -

05 Nov 2024, 10:17

Type	Values Removed	Values Added
References	~~{'url': 'https://lists.debian.org/debian-lts-announce/2024/06/msg00019.html', 'source': '416baaa9-dc9f-4396-8d5f-8c081fb06d67'}~~

27 Jun 2024, 14:15

Type	Values Removed	Values Added
Summary		(es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: octeontx2-af: evitar lecturas uno por uno desde el espacio de usuario Intentamos acceder al recuento + 1 byte desde el espacio de usuario con memdup_user (búfer, recuento + 1). Sin embargo, el espacio de usuario solo proporciona un búfer de bytes de recuento y solo se verifica que se puede acceder a estos bytes de recuento. Para garantizar que el búfer copiado tenga terminación NUL, usamos memdup_user_nul en su lugar.
References		() https://lists.debian.org/debian-lts-announce/2024/06/msg00019.html -

30 May 2024, 16:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-05-30 16:15

Updated : 2025-12-23 19:16

NVD link : CVE-2024-36957

Mitre link : CVE-2024-36957

CVE.ORG link : CVE-2024-36957

JSON object : View

Products Affected

debian

debian_linux

linux

linux_kernel

CWE

CWE-193

Off-by-one Error

5.5 /10