ГлавнаяУязвимости → CVE-2024-46836
7.8высокая

CVE-2024-46836

→ есть в БДУ: BDU:2024-08520 (на русском)
Описание (на английском; русское — в БДУ выше)

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: aspeed_udc: validate endpoint index for ast udc We should verify the bound of the array to assure that host may not manipulate the index to point past endpoint array. Found by static analysis.

Затрагиваемое ПО
Linux Linux kernel
CVSS
Балл7.8 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://git.kernel.org/stable/c/31bd4fab49c0adc6228848357c1b1df9395858afhttps://git.kernel.org/stable/c/6fe9ca2ca389114c8da66e534c18273497843e8ahttps://git.kernel.org/stable/c/b2a50ffdd1a079869a62198a8d1441355c513c7chttps://git.kernel.org/stable/c/ee0d382feb44ec0f445e2ad63786cd7f3f6a8199https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html