CVE-2024-35878 | Linux Kernel up to 6.6.25/6.8.4 vsnprintf len null pointer dereference (e4a449368a2c/544561dc56f7/a1aa5390cc91)

Posted by Angelo Barbosa | May 19, 2024 | CVE

A vulnerability was found in Linux Kernel up to 6.6.25/6.8.4. It has been declared as critical. This vulnerability affects the function vsnprintf. The manipulation of the argument len leads to null pointer dereference.

This vulnerability was named CVE-2024-35878. Access to the local network is required for this attack to succeed. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-35878 | Linux Kernel up to 6.6.25/6.8.4 vsnprintf len null pointer dereference (e4a449368a2c/544561dc56f7/a1aa5390cc91)

Related Posts

CVE-2023-40038 | Arris DG860A/DG1670A WPA2 PSK predictable state

CVE-2024-5137 | PHPGurukul Directory Management System 1.0 Searchbar /admin/admin-profile.php cross site scripting

CVE-2023-45744 | Peplink Smart Reader 1.2.0 Web Interface upload_config.cgi access control (TALOS-2023-1866)

CVE-2024-45368 | AutomationDirect DirectLogic H2-DM1E up to 2.8.0 session fixiation (icsa-24-256-17)