Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2024-26791
Analyzed
More InfoOfficial Page
Source-416baaa9-dc9f-4396-8d5f-8c081fb06d67
View Known Exploited Vulnerability (KEV) details
Published At-04 Apr, 2024 | 09:15
Updated At-20 Dec, 2024 | 14:35

In the Linux kernel, the following vulnerability has been resolved: btrfs: dev-replace: properly validate device names There's a syzbot report that device name buffers passed to device replace are not properly checked for string termination which could lead to a read out of bounds in getname_kernel(). Add a helper that validates both source and target device name buffers. For devid as the source initialize the buffer to empty string in case something tries to read it later. This was originally analyzed and fixed in a different way by Edward Adam Davis (see links).

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.1HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Type: Primary
Version: 3.1
Base score: 7.1
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CPE Matches
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions before 4.19.309(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 4.20(inclusive) to 5.4.271(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 5.5(inclusive) to 5.10.212(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 5.11(inclusive) to 5.15.151(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 5.16(inclusive) to 6.1.81(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 6.2(inclusive) to 6.6.21(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 6.7(inclusive) to 6.7.9(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>6.8
cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>6.8
cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>6.8
cpe:2.3:o:linux:linux_kernel:6.8:rc3:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>6.8
cpe:2.3:o:linux:linux_kernel:6.8:rc4:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>6.8
cpe:2.3:o:linux:linux_kernel:6.8:rc5:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>6.8
cpe:2.3:o:linux:linux_kernel:6.8:rc6:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-125Primarynvd@nist.gov
CWE ID: CWE-125
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://git.kernel.org/stable/c/11d7a2e429c02d51e2dc90713823ea8b8d3d3a84416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/2886fe308a83968dde252302884a1e63351cf16d416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/343eecb4ff49a7b1cc1dfe86958a805cf2341cfb416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/9845664b9ee47ce7ee7ea93caf47d39a9d4552c4416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/ab2d68655d0f04650bef09fee948ff80597c5fb9416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/b1690ced4d2d8b28868811fb81cd33eee5aefee1416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/c6652e20d7d783d060fe5f987eac7b5cabe31311416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/f590040ce2b712177306b03c2a63b16f7d48d3c8416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/11d7a2e429c02d51e2dc90713823ea8b8d3d3a84af854a3a-2127-422b-91ae-364da2661108
Patch
https://git.kernel.org/stable/c/2886fe308a83968dde252302884a1e63351cf16daf854a3a-2127-422b-91ae-364da2661108
Patch
https://git.kernel.org/stable/c/343eecb4ff49a7b1cc1dfe86958a805cf2341cfbaf854a3a-2127-422b-91ae-364da2661108
Patch
https://git.kernel.org/stable/c/9845664b9ee47ce7ee7ea93caf47d39a9d4552c4af854a3a-2127-422b-91ae-364da2661108
Patch
https://git.kernel.org/stable/c/ab2d68655d0f04650bef09fee948ff80597c5fb9af854a3a-2127-422b-91ae-364da2661108
Patch
https://git.kernel.org/stable/c/b1690ced4d2d8b28868811fb81cd33eee5aefee1af854a3a-2127-422b-91ae-364da2661108
Patch
https://git.kernel.org/stable/c/c6652e20d7d783d060fe5f987eac7b5cabe31311af854a3a-2127-422b-91ae-364da2661108
Patch
https://git.kernel.org/stable/c/f590040ce2b712177306b03c2a63b16f7d48d3c8af854a3a-2127-422b-91ae-364da2661108
Patch
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.htmlaf854a3a-2127-422b-91ae-364da2661108
Patch
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.htmlaf854a3a-2127-422b-91ae-364da2661108
Patch
Hyperlink: https://git.kernel.org/stable/c/11d7a2e429c02d51e2dc90713823ea8b8d3d3a84
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/2886fe308a83968dde252302884a1e63351cf16d
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/343eecb4ff49a7b1cc1dfe86958a805cf2341cfb
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/9845664b9ee47ce7ee7ea93caf47d39a9d4552c4
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/ab2d68655d0f04650bef09fee948ff80597c5fb9
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/b1690ced4d2d8b28868811fb81cd33eee5aefee1
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/c6652e20d7d783d060fe5f987eac7b5cabe31311
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/f590040ce2b712177306b03c2a63b16f7d48d3c8
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/11d7a2e429c02d51e2dc90713823ea8b8d3d3a84
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/2886fe308a83968dde252302884a1e63351cf16d
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/343eecb4ff49a7b1cc1dfe86958a805cf2341cfb
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/9845664b9ee47ce7ee7ea93caf47d39a9d4552c4
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/ab2d68655d0f04650bef09fee948ff80597c5fb9
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/b1690ced4d2d8b28868811fb81cd33eee5aefee1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/c6652e20d7d783d060fe5f987eac7b5cabe31311
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/f590040ce2b712177306b03c2a63b16f7d48d3c8
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Change History
0Changes found
Details not found