Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2024-38579
PUBLISHED
More InfoOfficial Page
Assigner-Linux
Assigner Org ID-416baaa9-dc9f-4396-8d5f-8c081fb06d67
View Known Exploited Vulnerability (KEV) details
Published At-19 Jun, 2024 | 13:37
Updated At-04 Nov, 2025 | 17:21
Rejected At-
▼CVE Numbering Authority (CNA)
crypto: bcm - Fix pointer arithmetic

In the Linux kernel, the following vulnerability has been resolved: crypto: bcm - Fix pointer arithmetic In spu2_dump_omd() value of ptr is increased by ciph_key_len instead of hash_iv_len which could lead to going beyond the buffer boundaries. Fix this bug by changing ciph_key_len to hash_iv_len. Found by Linux Verification Center (linuxtesting.org) with SVACE.

Affected Products
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • drivers/crypto/bcm/spu2.c
Default Status
unaffected
Versions
Affected
  • From 9d12ba86f818aa9cfe9f01b750336aa441f2ffa2 before c256b616067bfd6d274c679c06986b78d2402434 (git)
  • From 9d12ba86f818aa9cfe9f01b750336aa441f2ffa2 before e719c8991c161977a67197775067ab456b518c7b (git)
  • From 9d12ba86f818aa9cfe9f01b750336aa441f2ffa2 before ebed0d666fa709bae9e8cafa8ec6e7ebd1d318c6 (git)
  • From 9d12ba86f818aa9cfe9f01b750336aa441f2ffa2 before c69a1e4b419c2c466dd8c5602bdebadc353973dd (git)
  • From 9d12ba86f818aa9cfe9f01b750336aa441f2ffa2 before 49833a8da6407e7e9b532cc4054fdbcaf78f5fdd (git)
  • From 9d12ba86f818aa9cfe9f01b750336aa441f2ffa2 before d0f14ae223c2421b334c1f1a9e48f1e809aee3a0 (git)
  • From 9d12ba86f818aa9cfe9f01b750336aa441f2ffa2 before c0082ee420639a97e40cae66778b02b341b005e5 (git)
  • From 9d12ba86f818aa9cfe9f01b750336aa441f2ffa2 before 3b7a40740f04e2f27114dfd6225c5e721dda9d57 (git)
  • From 9d12ba86f818aa9cfe9f01b750336aa441f2ffa2 before 2b3460cbf454c6b03d7429e9ffc4fe09322eb1a9 (git)
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • drivers/crypto/bcm/spu2.c
Default Status
affected
Versions
Affected
  • 4.11
Unaffected
  • From 0 before 4.11 (semver)
  • From 4.19.316 through 4.19.* (semver)
  • From 5.4.278 through 5.4.* (semver)
  • From 5.10.219 through 5.10.* (semver)
  • From 5.15.161 through 5.15.* (semver)
  • From 6.1.93 through 6.1.* (semver)
  • From 6.6.33 through 6.6.* (semver)
  • From 6.8.12 through 6.8.* (semver)
  • From 6.9.3 through 6.9.* (semver)
  • From 6.10 through * (original_commit_for_fix)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://git.kernel.org/stable/c/c256b616067bfd6d274c679c06986b78d2402434
N/A
https://git.kernel.org/stable/c/e719c8991c161977a67197775067ab456b518c7b
N/A
https://git.kernel.org/stable/c/ebed0d666fa709bae9e8cafa8ec6e7ebd1d318c6
N/A
https://git.kernel.org/stable/c/c69a1e4b419c2c466dd8c5602bdebadc353973dd
N/A
https://git.kernel.org/stable/c/49833a8da6407e7e9b532cc4054fdbcaf78f5fdd
N/A
https://git.kernel.org/stable/c/d0f14ae223c2421b334c1f1a9e48f1e809aee3a0
N/A
https://git.kernel.org/stable/c/c0082ee420639a97e40cae66778b02b341b005e5
N/A
https://git.kernel.org/stable/c/3b7a40740f04e2f27114dfd6225c5e721dda9d57
N/A
https://git.kernel.org/stable/c/2b3460cbf454c6b03d7429e9ffc4fe09322eb1a9
N/A
Hyperlink: https://git.kernel.org/stable/c/c256b616067bfd6d274c679c06986b78d2402434
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/e719c8991c161977a67197775067ab456b518c7b
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/ebed0d666fa709bae9e8cafa8ec6e7ebd1d318c6
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/c69a1e4b419c2c466dd8c5602bdebadc353973dd
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/49833a8da6407e7e9b532cc4054fdbcaf78f5fdd
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/d0f14ae223c2421b334c1f1a9e48f1e809aee3a0
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/c0082ee420639a97e40cae66778b02b341b005e5
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/3b7a40740f04e2f27114dfd6225c5e721dda9d57
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/2b3460cbf454c6b03d7429e9ffc4fe09322eb1a9
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://git.kernel.org/stable/c/c256b616067bfd6d274c679c06986b78d2402434
x_transferred
https://git.kernel.org/stable/c/e719c8991c161977a67197775067ab456b518c7b
x_transferred
https://git.kernel.org/stable/c/ebed0d666fa709bae9e8cafa8ec6e7ebd1d318c6
x_transferred
https://git.kernel.org/stable/c/c69a1e4b419c2c466dd8c5602bdebadc353973dd
x_transferred
https://git.kernel.org/stable/c/49833a8da6407e7e9b532cc4054fdbcaf78f5fdd
x_transferred
https://git.kernel.org/stable/c/d0f14ae223c2421b334c1f1a9e48f1e809aee3a0
x_transferred
https://git.kernel.org/stable/c/c0082ee420639a97e40cae66778b02b341b005e5
x_transferred
https://git.kernel.org/stable/c/3b7a40740f04e2f27114dfd6225c5e721dda9d57
x_transferred
https://git.kernel.org/stable/c/2b3460cbf454c6b03d7429e9ffc4fe09322eb1a9
x_transferred
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
N/A
Hyperlink: https://git.kernel.org/stable/c/c256b616067bfd6d274c679c06986b78d2402434
Resource:
x_transferred
Hyperlink: https://git.kernel.org/stable/c/e719c8991c161977a67197775067ab456b518c7b
Resource:
x_transferred
Hyperlink: https://git.kernel.org/stable/c/ebed0d666fa709bae9e8cafa8ec6e7ebd1d318c6
Resource:
x_transferred
Hyperlink: https://git.kernel.org/stable/c/c69a1e4b419c2c466dd8c5602bdebadc353973dd
Resource:
x_transferred
Hyperlink: https://git.kernel.org/stable/c/49833a8da6407e7e9b532cc4054fdbcaf78f5fdd
Resource:
x_transferred
Hyperlink: https://git.kernel.org/stable/c/d0f14ae223c2421b334c1f1a9e48f1e809aee3a0
Resource:
x_transferred
Hyperlink: https://git.kernel.org/stable/c/c0082ee420639a97e40cae66778b02b341b005e5
Resource:
x_transferred
Hyperlink: https://git.kernel.org/stable/c/3b7a40740f04e2f27114dfd6225c5e721dda9d57
Resource:
x_transferred
Hyperlink: https://git.kernel.org/stable/c/2b3460cbf454c6b03d7429e9ffc4fe09322eb1a9
Resource:
x_transferred
Hyperlink: https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
Resource: N/A
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Details not found