CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-36477

In the Linux kernel, the following vulnerability has been resolved: tpm_tis_spi: Account for SPI header when allocating TPM SPI xfer buffer The TPM SPI transfer mechanism uses MAX_SPI_FRAMESIZE for computing the maximum transfer length and the size of the transfer buffer. As such, it does not account for the 4 bytes of header that prepends the SPI data frame. This can result in out-of-bounds accesses and was confirmed with KASAN. Introduce SPI_HDRSIZE to account for the header and use to allocate the transfer buffer.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 5.9%

CVSS Severity

CVSS v3 Score 7.8

References

Products affected by CVE-2024-36477

Linux » Linux Kernel » Version: 6.10

cpe:2.3:o:linux:linux_kernel:6.10
Linux » Linux Kernel » Version: 6.6.1

cpe:2.3:o:linux:linux_kernel:6.6.1
Linux » Linux Kernel » Version: 6.6.10

cpe:2.3:o:linux:linux_kernel:6.6.10
Linux » Linux Kernel » Version: 6.6.11

cpe:2.3:o:linux:linux_kernel:6.6.11
Linux » Linux Kernel » Version: 6.6.12

cpe:2.3:o:linux:linux_kernel:6.6.12
Linux » Linux Kernel » Version: 6.6.13

cpe:2.3:o:linux:linux_kernel:6.6.13
Linux » Linux Kernel » Version: 6.6.14

cpe:2.3:o:linux:linux_kernel:6.6.14
Linux » Linux Kernel » Version: 6.6.15

cpe:2.3:o:linux:linux_kernel:6.6.15
Linux » Linux Kernel » Version: 6.6.16

cpe:2.3:o:linux:linux_kernel:6.6.16
Linux » Linux Kernel » Version: 6.6.17

cpe:2.3:o:linux:linux_kernel:6.6.17
Linux » Linux Kernel » Version: 6.6.18

cpe:2.3:o:linux:linux_kernel:6.6.18
Linux » Linux Kernel » Version: 6.6.19

cpe:2.3:o:linux:linux_kernel:6.6.19
Linux » Linux Kernel » Version: 6.6.2

cpe:2.3:o:linux:linux_kernel:6.6.2
Linux » Linux Kernel » Version: 6.6.20

cpe:2.3:o:linux:linux_kernel:6.6.20
Linux » Linux Kernel » Version: 6.6.21

cpe:2.3:o:linux:linux_kernel:6.6.21
Linux » Linux Kernel » Version: 6.6.22

cpe:2.3:o:linux:linux_kernel:6.6.22
Linux » Linux Kernel » Version: 6.6.23

cpe:2.3:o:linux:linux_kernel:6.6.23
Linux » Linux Kernel » Version: 6.6.24

cpe:2.3:o:linux:linux_kernel:6.6.24
Linux » Linux Kernel » Version: 6.6.25

cpe:2.3:o:linux:linux_kernel:6.6.25
Linux » Linux Kernel » Version: 6.6.26

cpe:2.3:o:linux:linux_kernel:6.6.26
Linux » Linux Kernel » Version: 6.6.27

cpe:2.3:o:linux:linux_kernel:6.6.27
Linux » Linux Kernel » Version: 6.6.28

cpe:2.3:o:linux:linux_kernel:6.6.28
Linux » Linux Kernel » Version: 6.6.29

cpe:2.3:o:linux:linux_kernel:6.6.29
Linux » Linux Kernel » Version: 6.6.3

cpe:2.3:o:linux:linux_kernel:6.6.3
Linux » Linux Kernel » Version: 6.6.30

cpe:2.3:o:linux:linux_kernel:6.6.30
Linux » Linux Kernel » Version: 6.6.31

cpe:2.3:o:linux:linux_kernel:6.6.31
Linux » Linux Kernel » Version: 6.6.32

cpe:2.3:o:linux:linux_kernel:6.6.32
Linux » Linux Kernel » Version: 6.6.4

cpe:2.3:o:linux:linux_kernel:6.6.4
Linux » Linux Kernel » Version: 6.6.5

cpe:2.3:o:linux:linux_kernel:6.6.5
Linux » Linux Kernel » Version: 6.6.6

cpe:2.3:o:linux:linux_kernel:6.6.6
Linux » Linux Kernel » Version: 6.6.7

cpe:2.3:o:linux:linux_kernel:6.6.7
Linux » Linux Kernel » Version: 6.6.8

cpe:2.3:o:linux:linux_kernel:6.6.8
Linux » Linux Kernel » Version: 6.6.9

cpe:2.3:o:linux:linux_kernel:6.6.9
Linux » Linux Kernel » Version: 6.7.1

cpe:2.3:o:linux:linux_kernel:6.7.1
Linux » Linux Kernel » Version: 6.7.10

cpe:2.3:o:linux:linux_kernel:6.7.10
Linux » Linux Kernel » Version: 6.7.11

cpe:2.3:o:linux:linux_kernel:6.7.11
Linux » Linux Kernel » Version: 6.7.12

cpe:2.3:o:linux:linux_kernel:6.7.12
Linux » Linux Kernel » Version: 6.7.2

cpe:2.3:o:linux:linux_kernel:6.7.2
Linux » Linux Kernel » Version: 6.7.3

cpe:2.3:o:linux:linux_kernel:6.7.3
Linux » Linux Kernel » Version: 6.7.4

cpe:2.3:o:linux:linux_kernel:6.7.4
Linux » Linux Kernel » Version: 6.7.5

cpe:2.3:o:linux:linux_kernel:6.7.5
Linux » Linux Kernel » Version: 6.7.6

cpe:2.3:o:linux:linux_kernel:6.7.6
Linux » Linux Kernel » Version: 6.7.7

cpe:2.3:o:linux:linux_kernel:6.7.7
Linux » Linux Kernel » Version: 6.7.8

cpe:2.3:o:linux:linux_kernel:6.7.8
Linux » Linux Kernel » Version: 6.7.9

cpe:2.3:o:linux:linux_kernel:6.7.9
Linux » Linux Kernel » Version: 6.8

cpe:2.3:o:linux:linux_kernel:6.8
Linux » Linux Kernel » Version: 6.8.1

cpe:2.3:o:linux:linux_kernel:6.8.1
Linux » Linux Kernel » Version: 6.8.10

cpe:2.3:o:linux:linux_kernel:6.8.10
Linux » Linux Kernel » Version: 6.8.11

cpe:2.3:o:linux:linux_kernel:6.8.11
Linux » Linux Kernel » Version: 6.8.12

cpe:2.3:o:linux:linux_kernel:6.8.12
Linux » Linux Kernel » Version: 6.8.2

cpe:2.3:o:linux:linux_kernel:6.8.2
Linux » Linux Kernel » Version: 6.8.3

cpe:2.3:o:linux:linux_kernel:6.8.3
Linux » Linux Kernel » Version: 6.8.4

cpe:2.3:o:linux:linux_kernel:6.8.4
Linux » Linux Kernel » Version: 6.8.5

cpe:2.3:o:linux:linux_kernel:6.8.5
Linux » Linux Kernel » Version: 6.8.6

cpe:2.3:o:linux:linux_kernel:6.8.6
Linux » Linux Kernel » Version: 6.8.7

cpe:2.3:o:linux:linux_kernel:6.8.7
Linux » Linux Kernel » Version: 6.8.8

cpe:2.3:o:linux:linux_kernel:6.8.8
Linux » Linux Kernel » Version: 6.8.9

cpe:2.3:o:linux:linux_kernel:6.8.9
Linux » Linux Kernel » Version: 6.9

cpe:2.3:o:linux:linux_kernel:6.9
Linux » Linux Kernel » Version: 6.9.1

cpe:2.3:o:linux:linux_kernel:6.9.1
Linux » Linux Kernel » Version: 6.9.2

cpe:2.3:o:linux:linux_kernel:6.9.2
Linux » Linux Kernel » Version: 6.9.3

cpe:2.3:o:linux:linux_kernel:6.9.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-36477

Products

Pricing

Contact Us