CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-39478

In the Linux kernel, the following vulnerability has been resolved: crypto: starfive - Do not free stack buffer RSA text data uses variable length buffer allocated in software stack. Calling kfree on it causes undefined behaviour in subsequent operations.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 3.1%

CVSS Severity

CVSS v3 Score 5.5

References

https://git.kernel.org/stable/c/5944de192663f272033501dcd322b008fca72006
https://git.kernel.org/stable/c/d7f01649f4eaf1878472d3d3f480ae1e50d98f6c
https://git.kernel.org/stable/c/5944de192663f272033501dcd322b008fca72006
https://git.kernel.org/stable/c/d7f01649f4eaf1878472d3d3f480ae1e50d98f6c

Products affected by CVE-2024-39478

Linux » Linux Kernel » Version: 6.9

cpe:2.3:o:linux:linux_kernel:6.9
Linux » Linux Kernel » Version: 6.9.1

cpe:2.3:o:linux:linux_kernel:6.9.1
Linux » Linux Kernel » Version: 6.9.2

cpe:2.3:o:linux:linux_kernel:6.9.2
Linux » Linux Kernel » Version: 6.9.3

cpe:2.3:o:linux:linux_kernel:6.9.3
Linux » Linux Kernel » Version: 6.9.4

cpe:2.3:o:linux:linux_kernel:6.9.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-39478

Products

Pricing

Contact Us