CVE-2024-56615Out-of-bounds Write in Linux

CWE-787Out-of-bounds Write82 documents8 sources
Severity
7.8HIGHNVD
OSV8.8OSV7.1OSV5.5
EPSS
0.0%
top 93.17%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
8
LinuxLinux KernelDebian Linux+5 more
Timeline
PublishedDec 27
Latest updateAug 14

Description

In the Linux kernel, the following vulnerability has been resolved: bpf: fix OOB devmap writes when deleting elements Jordy reported issue against XSKMAP which also applies to DEVMAP - the index used for accessing map entry, due to being a signed integer, causes the OOB writes. Fix is simple as changing the type from int to u32, however, when compared to XSKMAP case, one more thing needs to be addressed. When map is released from system via dev_map_free(), we iterate through all of the entrie

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages10 packages

NVDlinux/linux_kernel4.145.4.287+6
Debianlinux/linux_kernel< 5.10.234-1+3
Ubuntulinux/linux_kernel< 5.4.0-211.231+3

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

40
OSV
linux-raspi-5.4 vulnerabilities2025-05-28
OSV
linux-raspi vulnerabilities2025-05-28
OSV
linux-raspi vulnerabilities2025-05-26
OSV
linux-raspi-realtime vulnerabilities2025-05-20
OSV
linux-gcp-5.15 vulnerabilities2025-04-28

📋Vendor Advisories

41
CISA ICS
Siemens Third-Party Components in SINEC OS2025-08-14
Ubuntu
Linux kernel (Raspberry Pi) vulnerabilities2025-05-28
Ubuntu
Linux kernel (Raspberry Pi) vulnerabilities2025-05-28
Ubuntu
Linux kernel (Raspberry Pi) vulnerabilities2025-05-26
Ubuntu
Linux kernel (Raspberry Pi Real-time) vulnerabilities2025-05-20
CVE-2024-56615 — Out-of-bounds Write in Linux | cvebase