CVE-2024-43839

HIGH EPSS 16.6%
Published Aug 17, 20241y ago · Modified Jun 17, 20262w ago
7.8 CVSS 3.1
High
Find Similar
Published Aug 17, 2024 1y ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: bna: adjust 'name' buf size of bna_tcb and bna_ccb structures To have enough space to write all possible sprintf() args. Currently 'name' size is 16, but the first '%s' specifier may already need at least 16 characters, since 'bnad->netdev->name' is used there. For '%d' specifiers, assume that they require: * 1 char for 'tx_id + tx_info->tcb[i]->id' sum, BNAD_MAX_TXQ_PER_TX is 8 * 2 chars for 'rx_id + rx_info->rx_ctrl[i].ccb->id', BNAD_MAX_RXP_PER_RX is 16 And replace sprintf with snprintf. Detected using the static analysis tool - Svace.

CVSS Details

Base Score
7.8
Exploitability
1.8
Impact
5.9
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
16.6% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-787 Out-of-bounds Write Memory Safety

Affected Products 8

VendorProductVersionRange
debiandebian_linux11.0any
linuxlinux_kernel*≥2.6.37  –  <4.19.320
linuxlinux_kernel*≥4.20  –  <5.4.282
linuxlinux_kernel*≥5.5  –  <5.10.224
linuxlinux_kernel*≥5.11  –  <5.15.165
linuxlinux_kernel*≥5.16  –  <6.1.103
linuxlinux_kernel*≥6.2  –  <6.6.44
linuxlinux_kernel*≥6.7  –  <6.10.3

References 10

  • git.kernel.org https://git.kernel.org/stable/c/6ce46045f9b90d952602e2c0b8886cfadf860bf1
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6d20c4044ab4d0e6a99aa35853e66f0aed5589e3
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ab748dd10d8742561f2980fea08ffb4f0cacfdef
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b0ff0cd0847b03c0a0abe20cfa900eabcfcb9e43
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c90b1cd7758fd4839909e838ae195d19f8065d76
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c9741a03dc8e491e57b95fba0058ab46b7e506da
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e0f48f51d55fb187400e9787192eda09fa200ff5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f121740f69eda4da2de9a20a6687a13593e72540
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html
    Mailing ListThird Party Advisory
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
    Mailing ListThird Party Advisory

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/6ce46045f9b90d952602e2c0b8886cfadf860bf1
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6d20c4044ab4d0e6a99aa35853e66f0aed5589e3
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ab748dd10d8742561f2980fea08ffb4f0cacfdef
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b0ff0cd0847b03c0a0abe20cfa900eabcfcb9e43
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c90b1cd7758fd4839909e838ae195d19f8065d76
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c9741a03dc8e491e57b95fba0058ab46b7e506da
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e0f48f51d55fb187400e9787192eda09fa200ff5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f121740f69eda4da2de9a20a6687a13593e72540
    Patch