CVE-2024-56595

HIGH EPSS 17.0%
Published Dec 27, 2024 (1y ago) · Modified Jun 17, 2026 (1w ago)
7.8 CVSS 3.1
High

Description

In the Linux kernel, the following vulnerability has been resolved:

jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree

When the value of lp is 0 at the beginning of the for loop, it will become negative in the next assignment and we should bail out.

CVSS Details

Base Score
7.8
Exploitability
1.8
Impact
5.9
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
17.0% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-129

Affected Products 6

Vendor  Product       Version  Range
linux   linux_kernel  *        <5.4.287
linux   linux_kernel  *        ≥5.5 – <5.10.231
linux   linux_kernel  *        ≥5.11 – <5.15.174
linux   linux_kernel  *        ≥5.16 – <6.1.120
linux   linux_kernel  *        ≥6.2 – <6.6.66
linux   linux_kernel  *        ≥6.7 – <6.12.5

References 9

  • git.kernel.org https://git.kernel.org/stable/c/368a533152220b0a6f1142327d96c6b6361f3002
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/3b5d21b56c3774bc84eab0a93aaac22a4475e2c4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/491487eeddccc4bb49f2e59d8c8f35bec89c15ca
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8a4311bbde702362fe7412045d06ab6767235dac
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a174706ba4dad895c40b1d2277bade16dfacdcd9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a3d408870bc19b794646871bc4c3a5daa66f91c5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b15000bcbecf27e0f7c0f149a409e5b865e28ca2
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/368a533152220b0a6f1142327d96c6b6361f3002
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/3b5d21b56c3774bc84eab0a93aaac22a4475e2c4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/491487eeddccc4bb49f2e59d8c8f35bec89c15ca
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8a4311bbde702362fe7412045d06ab6767235dac
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a174706ba4dad895c40b1d2277bade16dfacdcd9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a3d408870bc19b794646871bc4c3a5daa66f91c5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b15000bcbecf27e0f7c0f149a409e5b865e28ca2
    Patch