CVE-2024-50131: tracing: Consider the NULL character when validating the event length
First published: Tue Nov 05 2024(Updated: )
In the Linux kernel, the following vulnerability has been resolved: tracing: Consider the NULL character when validating the event length strlen() returns a string length excluding the null byte. If the string length equals to the maximum buffer length, the buffer will have no space for the NULL terminating character. This commit checks this condition and returns failure for it.
Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Linux Linux kernel | >=5.1<5.15.170 | |
| Linux Linux kernel | >=5.16<6.1.115 | |
| Linux Linux kernel | >=6.2<6.6.59 | |
| Linux Linux kernel | >=6.7<6.11.6 | |
| Linux Linux kernel | =6.12-rc1 | |
| Linux Linux kernel | =6.12-rc2 | |
| Linux Linux kernel | =6.12-rc3 | |
| Linux Linux kernel | =6.12-rc4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://git.kernel.org/stable/c/b86b0d6eea204116e4185acc35041ca4ff11a642
- https://git.kernel.org/stable/c/f4ed40d1c669bba1a54407d8182acdc405683f29
- https://git.kernel.org/stable/c/a14a075a14af8d622c576145455702591bdde09d
- https://git.kernel.org/stable/c/5fd942598ddeed9a212d1ff41f9f5b47bcc990a7
- https://git.kernel.org/stable/c/0b6e2e22cb23105fcb171ab92f0f7516c69c8471
- https://git.kernel.org/stable/c/02874ca52df2ca2423ba6122039315ed61c25972
- https://git.kernel.org/stable/c/5e3231b352725ff4a3a0095e6035af674f2d8725
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/references
- agent/type
- agent/description
- agent/first-publish-date
- agent/author
- agent/event
- agent/remedy
- agent/last-modified-date
- agent/weakness
- agent/severity
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/linux
- canonical/linux linux kernel
- version/linux linux kernel/5.1
- version/linux linux kernel/5.16
- version/linux linux kernel/6.2
- version/linux linux kernel/6.7
- version/linux linux kernel/6.12-rc1
- version/linux linux kernel/6.12-rc2
- version/linux linux kernel/6.12-rc3
- version/linux linux kernel/6.12-rc4