ГлавнаяУязвимости → CVE-2024-38585
7.1высокая

CVE-2024-38585

→ есть в БДУ: BDU:2024-11567 (на русском)
Описание (на английском; русское — в БДУ выше)

In the Linux kernel, the following vulnerability has been resolved: tools/nolibc/stdlib: fix memory error in realloc() Pass user_p_len to memcpy() instead of heap->len to prevent realloc() from copying an extra sizeof(heap) bytes from beyond the allocated region.

Затрагиваемое ПО
Linux Linux kernel
CVSS
Балл7.1 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Источники
https://git.kernel.org/stable/c/4e6f225aefeb712cdb870176b6621f02cf235b8chttps://git.kernel.org/stable/c/5996b2b2dac739f2a27da13de8eee5b85b2550b3https://git.kernel.org/stable/c/791f4641142e2aced85de082e5783b4fb0b977c2https://git.kernel.org/stable/c/8019d3dd921f39a237a9fab6d2ce716bfac0f983https://git.kernel.org/stable/c/f678c3c336559cf3255a32153e9a17c1be4e7c15https://git.kernel.org/stable/c/4e6f225aefeb712cdb870176b6621f02cf235b8chttps://git.kernel.org/stable/c/5996b2b2dac739f2a27da13de8eee5b85b2550b3https://git.kernel.org/stable/c/791f4641142e2aced85de082e5783b4fb0b977c2