CVE - CVE-2024-49860

CVE-ID
CVE-2024-49860	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: ACPI: sysfs: validate return type of _STR method Only buffer objects are valid return values of _STR. If something else is returned description_show() will access invalid memory.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/0cdfb9178a3bba843c95c2117c82c15f1a64b9ce URL:https://git.kernel.org/stable/c/0cdfb9178a3bba843c95c2117c82c15f1a64b9ce MISC:https://git.kernel.org/stable/c/4b081991c4363e072e1748efed0bbec8a77daba5 URL:https://git.kernel.org/stable/c/4b081991c4363e072e1748efed0bbec8a77daba5 MISC:https://git.kernel.org/stable/c/4bb1e7d027413835b086aed35bc3f0713bc0f72b URL:https://git.kernel.org/stable/c/4bb1e7d027413835b086aed35bc3f0713bc0f72b MISC:https://git.kernel.org/stable/c/5c8d007c14aefc3f2ddf71e4c40713733dc827be URL:https://git.kernel.org/stable/c/5c8d007c14aefc3f2ddf71e4c40713733dc827be MISC:https://git.kernel.org/stable/c/f0921ecd4ddc14646bb5511f49db4d7d3b0829f0 URL:https://git.kernel.org/stable/c/f0921ecd4ddc14646bb5511f49db4d7d3b0829f0 MISC:https://git.kernel.org/stable/c/f51e5a88f2e7224858b261546cf6b3037dfb1323 URL:https://git.kernel.org/stable/c/f51e5a88f2e7224858b261546cf6b3037dfb1323 MISC:https://git.kernel.org/stable/c/f51f711d36e61fbb87c67b524fd200e05172668d URL:https://git.kernel.org/stable/c/f51f711d36e61fbb87c67b524fd200e05172668d
Assigning CNA
kernel.org
Date Record Created
20241021	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20241021)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)

Use of the CVE® List and the associated references from this website are subject to the terms of use. CVE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA). Copyright © 1999–2024, The MITRE Corporation. CVE and the CVE logo are registered trademarks of The MITRE Corporation.