VDB
DEBIAN-CVE-2024-41016
DEBIAN-CVE-2024-41016
PUBLISHED
CVSS 5.5 MEDIUM
In the Linux kernel, the following vulnerability has been resolved: ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry() xattr in ocfs2 maybe 'non-indexed', which saved with additional space requested. It's better to check if the memory is out of bound before memcmp, although this possibility mainly comes from crafted poisonous images.
Risk Scores
CVSS 3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:11 | linux | 5.10.178-1, 5.10.162-1, 5.10.179-1 |
| Debian:13 | linux | 0, 0 |
| Debian:12 | linux | 6.1.106-2, 6.1.27-1, 6.1.37-1 |
| Debian:11 | linux-6.1 | 0, 6.1.106-3, 6.1.106-3 |
| Debian:14 | linux | 0, 0 |
Timeline
- Jul 29, 2024 CVE Published
- Apr 28, 2026 CVE Updated