IM
IronMonkey Threat Research

CVE-2024-50246 HIGH

Published: 2024-11-09 | Last Modified: 2026-05-12 | Status: Modified

Description

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add rough attr alloc_size check

Additional Descriptions (1)

En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: fs/ntfs3: Agregar comprobación aproximada del atributo alloc_size

CVSS Metrics

Base Score: 7.8 (HIGH)

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack VectorLOCAL
Attack ComplexityLOW
Privileges RequiredLOW
User InteractionNONE
ScopeUNCHANGED
Confidentiality ImpactHIGH
Integrity ImpactHIGH
Availability ImpactHIGH

Source: [email protected]

Type: Primary

Exploitability Score: 1.8

Impact Score: 5.9

Weaknesses

Source Type Description
[email protected] Primary
en NVD-CWE-noinfo

Affected Products

Vendor Product Version Update Type
linux linux_kernel * <built-in method update of dict object at 0x702bdd0d7d80> Operating System
linux linux_kernel * <built-in method update of dict object at 0x702bdd0d7780> Operating System
linux linux_kernel 6.12 <built-in method update of dict object at 0x702bcb9f7040> Operating System
linux linux_kernel 6.12 <built-in method update of dict object at 0x702bdc371100> Operating System

Affected Configurations

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*

References

Notification
Message here