CVE-2024-50206

Published: Nov 8, 2024Modified: Oct 1, 2025

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk_eth_soc: fix memory corruption during fq dma init The loop responsible for allocating up to MTK_FQ_DMA_LENGTH buffers must only touch as many descriptors, otherwise it ends up corrupting unrelated memory. Fix the loop iteration count accordingly.

Affected (5)

Products: Linux: Linux Kernel

Linux

1 product

Linux Kernel

Configuration A

5 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 6.10 to 6.11.6
Linux Linux Kernel	From 6.9.6 to 6.10
Linux Linux Kernel	Version 6.12 rc1
Linux Linux Kernel	Version 6.12 rc2
Linux Linux Kernel	Version 6.12 rc3

Related CWEs

CWE-787

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (2)

https://git.kernel.org/stable/c/68cd084e3ec1512cd383cb3e9cf0ab7ab413724c

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/88806efc034a9830f483963326b99930ad519af1

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

Timeline

No history available yet.