Vulnerability Details CVE-2024-38587
In the Linux kernel, the following vulnerability has been resolved:
speakup: Fix sizeof() vs ARRAY_SIZE() bug
The "buf" pointer is an array of u16 values. This code should be
using ARRAY_SIZE() (which is 256) instead of sizeof() (which is 512),
otherwise it can the still got out of bounds.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 28.9%
CVSS Severity
CVSS v3 Score 5.3
References
- https://git.kernel.org/stable/c/008ab3c53bc4f0b2f20013c8f6c204a3203d0b8b
- https://git.kernel.org/stable/c/07ef95cc7a579731198c93beed281e3a79a0e586
- https://git.kernel.org/stable/c/3726f75a1ccc16cd335c0ccfad1d92ee08ecba5e
- https://git.kernel.org/stable/c/42f0a3f67158ed6b2908d2b9ffbf7e96d23fd358
- https://git.kernel.org/stable/c/504178fb7d9f6cdb0496d5491efb05f45597e535
- https://git.kernel.org/stable/c/c6e1650cf5df1bd6638eeee231a683ef30c7d4eb
- https://git.kernel.org/stable/c/cd7f3978c2ec741aedd1d860b2adb227314cf996
- https://git.kernel.org/stable/c/d52c04474feac8e305814a5228e622afe481b2ef
- https://git.kernel.org/stable/c/eb1ea64328d4cc7d7a912c563f8523d5259716ef
- https://git.kernel.org/stable/c/008ab3c53bc4f0b2f20013c8f6c204a3203d0b8b
- https://git.kernel.org/stable/c/07ef95cc7a579731198c93beed281e3a79a0e586
- https://git.kernel.org/stable/c/3726f75a1ccc16cd335c0ccfad1d92ee08ecba5e
- https://git.kernel.org/stable/c/42f0a3f67158ed6b2908d2b9ffbf7e96d23fd358
- https://git.kernel.org/stable/c/504178fb7d9f6cdb0496d5491efb05f45597e535
- https://git.kernel.org/stable/c/c6e1650cf5df1bd6638eeee231a683ef30c7d4eb
- https://git.kernel.org/stable/c/cd7f3978c2ec741aedd1d860b2adb227314cf996
- https://git.kernel.org/stable/c/d52c04474feac8e305814a5228e622afe481b2ef
- https://git.kernel.org/stable/c/eb1ea64328d4cc7d7a912c563f8523d5259716ef
Products affected by CVE-2024-38587
-
cpe:2.3:o:linux:linux_kernel:4.19.313
-
cpe:2.3:o:linux:linux_kernel:4.19.314
-
cpe:2.3:o:linux:linux_kernel:4.19.315
-
cpe:2.3:o:linux:linux_kernel:5.10.216
-
cpe:2.3:o:linux:linux_kernel:5.10.217
-
cpe:2.3:o:linux:linux_kernel:5.10.218
-
cpe:2.3:o:linux:linux_kernel:5.15.157
-
cpe:2.3:o:linux:linux_kernel:5.15.158
-
cpe:2.3:o:linux:linux_kernel:5.15.159
-
cpe:2.3:o:linux:linux_kernel:5.15.160
-
cpe:2.3:o:linux:linux_kernel:5.4.275
-
cpe:2.3:o:linux:linux_kernel:5.4.276
-
cpe:2.3:o:linux:linux_kernel:5.4.277
-
cpe:2.3:o:linux:linux_kernel:6.1.88
-
cpe:2.3:o:linux:linux_kernel:6.1.89
-
cpe:2.3:o:linux:linux_kernel:6.1.90
-
cpe:2.3:o:linux:linux_kernel:6.1.91
-
cpe:2.3:o:linux:linux_kernel:6.1.92
-
cpe:2.3:o:linux:linux_kernel:6.6.29
-
cpe:2.3:o:linux:linux_kernel:6.6.30
-
cpe:2.3:o:linux:linux_kernel:6.6.31
-
cpe:2.3:o:linux:linux_kernel:6.6.32
-
cpe:2.3:o:linux:linux_kernel:6.8.10
-
cpe:2.3:o:linux:linux_kernel:6.8.11
-
cpe:2.3:o:linux:linux_kernel:6.8.8
-
cpe:2.3:o:linux:linux_kernel:6.8.9
-
cpe:2.3:o:linux:linux_kernel:6.9
-
cpe:2.3:o:linux:linux_kernel:6.9.1
-
cpe:2.3:o:linux:linux_kernel:6.9.2