VDB
DEBIAN-CVE-2024-50131
DEBIAN-CVE-2024-50131
PUBLISHED
CVSS 7.800000190734863 HIGH
In the Linux kernel, the following vulnerability has been resolved: tracing: Consider the NULL character when validating the event length strlen() returns a string length excluding the null byte. If the string length equals to the maximum buffer length, the buffer will have no space for the NULL terminating character. This commit checks this condition and returns failure for it.
Risk Scores
CVSS v3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:11 | linux | 5.10.162-1, 5.10.158-1, 5.10.178-1 |
| Debian:11 | linux-6.1 | 6.1.106-3, 0, * |
| Debian:12 | linux | 6.1.55-1~bpo11+1, 6.1.64-1, 6.1.66-1 |
| Debian:14 | linux | 0, 0 |
| Debian:13 | linux | 0, 0 |
Timeline
- Nov 5, 2024 CVE Published
- Apr 28, 2026 CVE Updated