CVE-2024-27407

Published: May 17, 2024Modified: Jun 17, 2026

8.4

Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.5 / Impact: 5.9

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fixed overflow check in mi_enum_attr()

Affected (6)

Products: Linux: Linux Kernel

1 product

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 5.15 to 6.1.120
Linux Linux Kernel	From 6.2 to 6.6.19
Linux Linux Kernel	From 6.7 to 6.7.7
Linux Linux Kernel	Version 6.8 rc1
Linux Linux Kernel	Version 6.8 rc2
Linux Linux Kernel	Version 6.8 rc3

Related CWEs

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

References (8)

https://git.kernel.org/stable/c/1c0a95d99b1b2b5d842e5abc7ef7eed1193b60d7

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/652cfeb43d6b9aba5c7c4902bed7a7340df131fb

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/8c77398c72618101d66480b94b34fe9087ee3d08

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/e99faa97359654b6e4e769246c72cf50a57e05b2

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/1c0a95d99b1b2b5d842e5abc7ef7eed1193b60d7

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/652cfeb43d6b9aba5c7c4902bed7a7340df131fb

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/8c77398c72618101d66480b94b34fe9087ee3d08

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.