CVE-2024-39482

July 5, 2024, 12:55 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: bcache: fix variable length array abuse in btree_iter btree_iter is used in two ways: either allocated on the stack with a fixed size MAX_BSETS, or from a mempool with a dynamic size based on the specific cache set. Previously, the struct had a fixed-length array of size MAX_BSETS which was indexed out-of-bounds for the dynamically-sized iterators, which causes UBSAN to complain. This patch uses the same approach as in bcachefs's sort_iter and splits the iterator into a btree_iter with a flexible array member and a btree_iter_stack which embeds a btree_iter as well as a fixed-length data array.

Product(s) Impacted

Product Versions
Linux kernel
  • []

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://git.kernel.org/stable/c/0c31344e22dd8d6b1394c6e4c41d639015bdc671
https://git.kernel.org/stable/c/2c3d7b03b658dc8bfa6112b194b67b92a87e081b
https://git.kernel.org/stable/c/3a861560ccb35f2a4f0a4b8207fa7c2a35fc7f31
https://git.kernel.org/stable/c/5a1922adc5798b7ec894cd3f197afb6f9591b023
https://git.kernel.org/stable/c/6479b9f41583b013041943c4602e1ad61cec8148
https://git.kernel.org/stable/c/934e1e4331859183a861f396d7dfaf33cb5afb02

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2024-07-05
CVE-2024-39482

Timeline

Published: July 5, 2024, 7:15 a.m.
Last Modified: July 5, 2024, 12:55 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.