CVE-2024-53110
vp_vdpa: fix id_table array not null terminated error
In the Linux kernel, the following vulnerability has been resolved:
vp_vdpa: fix id_table array not null terminated error
Allocate one extra virtio_device_id as null terminator, otherwise
vdpa_mgmtdev_get_classes() may iterate multiple times and visit
undefined memory.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Produtos afetados
Linux · LinuxQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://git.kernel.org/stable/c/0a886489d274596ad1a80789d3a773503210a615https://git.kernel.org/stable/c/4e39ecadf1d2a08187139619f1f314b64ba7d947https://git.kernel.org/stable/c/870d68fe17b5d9032049dcad98b5781a344a8657https://git.kernel.org/stable/c/c4d64534d4b1c47d2f1ce427497f971ad4735aaehttps://lists.debian.org/debian-lts-announce/2025/01/msg00001.html