CVE-2024-41016

In the Linux kernel, the following vulnerability has been resolved: ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry() xattr in ocfs2 maybe 'non-indexed', which saved with additional space requested. It's better to check if the memory is out of bound before memcmp, although this possibility mainly comes from crafted poisonous images.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/57a3d89831fcaa2cdbe024b47c7c36d5a56c3637	Patch
https://git.kernel.org/stable/c/af77c4fc1871847b528d58b7fdafb4aa1f6a9262	Patch
https://git.kernel.org/stable/c/c031d286eceb82f72f8623b7f4abd2aa491bfb5e	Patch
https://git.kernel.org/stable/c/c726dea9d0c806d64c26fcef483b1fb9474d8c5e	Patch
https://git.kernel.org/stable/c/cfb926051fab19b10d1e65976211f364aa820180	Patch
https://git.kernel.org/stable/c/e2b3d7a9d019d4d1a0da6c3ea64a1ff79c99c090	Patch
https://git.kernel.org/stable/c/e4ffea01adf3323c821b6f37e9577d2d400adbaa	Patch
https://git.kernel.org/stable/c/e8f9c4af7af7e9e4cd09c0251c7936593147419f	Patch
https://git.kernel.org/stable/c/af77c4fc1871847b528d58b7fdafb4aa1f6a9262	Patch
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

History

No history.

Information

Published : 2024-07-29 07:15

Updated : 2025-11-03 22:17

NVD link : CVE-2024-41016

Mitre link : CVE-2024-41016

CVE.ORG link : CVE-2024-41016

JSON object : View

Products Affected

linux

linux_kernel

CWE

NVD-CWE-noinfo

{"id": "CVE-2024-41016", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2024-07-29T07:15:06.293", "references": [{"url": "https://git.kernel.org/stable/c/57a3d89831fcaa2cdbe024b47c7c36d5a56c3637", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/af77c4fc1871847b528d58b7fdafb4aa1f6a9262", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/c031d286eceb82f72f8623b7f4abd2aa491bfb5e", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/c726dea9d0c806d64c26fcef483b1fb9474d8c5e", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/cfb926051fab19b10d1e65976211f364aa820180", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/e2b3d7a9d019d4d1a0da6c3ea64a1ff79c99c090", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/e4ffea01adf3323c821b6f37e9577d2d400adbaa", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/e8f9c4af7af7e9e4cd09c0251c7936593147419f", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/af77c4fc1871847b528d58b7fdafb4aa1f6a9262", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry()\n\nxattr in ocfs2 maybe 'non-indexed', which saved with additional space\nrequested. It's better to check if the memory is out of bound before\nmemcmp, although this possibility mainly comes from crafted poisonous\nimages."}, {"lang": "es", "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: ocfs2: verificaci\u00f3n de l\u00edmite estricto antes de memcmp en ocfs2_xattr_find_entry() xattr en ocfs2 puede ser 'non-indexed', lo que se guard\u00f3 con espacio adicional solicitado. Es mejor comprobar si la memoria est\u00e1 fuera de los l\u00edmites antes de memcmp, aunque esta posibilidad proviene principalmente de im\u00e1genes venenosas creadas."}], "lastModified": "2025-11-03T22:17:23.667", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3BC77309-A76B-49EF-A846-844D824E3586", "versionEndExcluding": "4.19.323"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B5A89369-320F-47FC-8695-56F61F87E4C0", "versionEndExcluding": "5.4.285", "versionStartIncluding": "4.20"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "795A3EE6-0CAB-4409-A903-151C94ACECC0", "versionEndExcluding": "5.10.227", "versionStartIncluding": "5.5"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4D51C05D-455B-4D8D-89E7-A58E140B864C", "versionEndExcluding": "5.15.168", "versionStartIncluding": "5.11"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1C1227B7-CF55-4728-857F-966F83ACD8B5", "versionEndExcluding": "6.1.112", "versionStartIncluding": "5.16"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "007075FA-C231-42B1-A525-B87CEA313C63", "versionEndExcluding": "6.6.53", "versionStartIncluding": "6.2"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "42054751-2A4F-4982-ADE9-A8251AD9A7BC", "versionEndExcluding": "6.10.12", "versionStartIncluding": "6.7"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}