CVE-2024-50129

Published: Nov 5, 2024Modified: Oct 1, 2025

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: net: pse-pd: Fix out of bound for loop Adjust the loop limit to prevent out-of-bounds access when iterating over PI structures. The loop should not reach the index pcdev->nr_lines since we allocate exactly pcdev->nr_lines number of PI structures. This fix ensures proper bounds are maintained during iterations.

Affected (5)

Products: Linux: Linux Kernel

Linux

1 product

Linux Kernel

Configuration A

5 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 6.10 to 6.11.6
Linux Linux Kernel	Version 6.12 rc1
Linux Linux Kernel	Version 6.12 rc2
Linux Linux Kernel	Version 6.12 rc3
Linux Linux Kernel	Version 6.12 rc4

Related CWEs

CWE-787

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (2)

https://git.kernel.org/stable/c/50ea68146d82f34b3ad80d8290ef8222136dedd7

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/f2767a41959e60763949c73ee180e40c686e807e

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

Timeline

No history available yet.