CVE-2024-39480— kdb: Fix buffer overflow during tab-complete
Affected Version Matrix 18
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 5d5314d6795f3c1c0f415348ff8c51f7de042b77< fb824a99e148ff272a53d71d84122728b5f00992 | affected |
5d5314d6795f3c1c0f415348ff8c51f7de042b77< ddd2972d8e2dee3b33e8121669d55def59f0be8a | affected | ||
5d5314d6795f3c1c0f415348ff8c51f7de042b77< cfdc2fa4db57503bc6d3817240547c8ddc55fa96 | affected | ||
5d5314d6795f3c1c0f415348ff8c51f7de042b77< f636a40834d22e5e3fc748f060211879c056cd33 | affected | ||
5d5314d6795f3c1c0f415348ff8c51f7de042b77< 33d9c814652b971461d1e30bead6792851c209e7 | affected | ||
5d5314d6795f3c1c0f415348ff8c51f7de042b77< 107e825cc448b7834b31e8b1b3cf0f57426d46d5 | affected | ||
5d5314d6795f3c1c0f415348ff8c51f7de042b77< f694da720dcf795dc3eb97bf76d220213f76aaa7 | affected | ||
5d5314d6795f3c1c0f415348ff8c51f7de042b77< e9730744bf3af04cda23799029342aa3cddbc454 | affected | ||
| … +10 more rows | |||
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2024-39480
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
kdb: Fix buffer overflow during tab-complete
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: kdb: Fix buffer overflow during tab-complete Currently, when the user attempts symbol completion with the Tab key, kdb will use strncpy() to insert the completed symbol into the command buffer. Unfortunately it passes the size of the source buffer rather than the destination to strncpy() with predictably horrible results. Most obviously if the command buffer is already full but cp, the cursor position, is in the middle of the buffer, then we will write past the end of the supplied buffer. Fix this by replacing the dubious strncpy() calls with memmove()/memcpy() calls plus explicit boundary checks to make sure we have enough space before we start moving characters around.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于tab补全期间缓冲区溢出。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2024-39480
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2024-39480
请登录查看更多情报信息。
Same Patch Batch · Linux · 2024-07-05 · 14 CVEs total
| CVE-2024-39485 | media: v4l: async: Properly re-initialise notifier entry in unregister | |
| CVE-2024-39484 | mmc: davinci: Don't strip remove function when driver is builtin | |
| CVE-2024-39482 | bcache: fix variable length array abuse in btree_iter | |
| CVE-2024-39483 | KVM: SVM: WARN on vNMI + NMI window iff NMIs are outright masked | |
| CVE-2024-39481 | media: mc: Fix graph walk in media_pipeline_start | |
| CVE-2024-39479 | drm/i915/hwmon: Get rid of devm | |
| CVE-2024-39478 | crypto: starfive - Do not free stack buffer | |
| CVE-2024-39476 | md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING | |
| CVE-2024-39477 | mm/hugetlb: do not call vma_add_reservation upon ENOMEM | |
| CVE-2024-39475 | fbdev: savage: Handle err return when savagefb_check_var failed | |
| CVE-2024-39474 | mm/vmalloc: fix vmalloc which may return null if called with __GFP_NOFAIL | |
| CVE-2024-39473 | ASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension | |
| CVE-2024-39472 | xfs: fix log recovery buffer allocation for the legacy h_size fixup |
IV. Related Vulnerabilities
Same product: Linux
- CVE-2026-46333
ptrace: slightly saner 'get_dumpable()' logic - CVE-2026-43490
ksmbd: validate inherited ACE SID length - CVE-2026-43489
liveupdate: luo_file: remember retrieve() status - CVE-2026-43487
ata: libata-core: Disable LPM on ST1000DM010-2EP102 - CVE-2026-43488
usb: xhci: Prevent interrupt storm on host controller error
Same vendor: Linux
- CVE-2026-46333
ptrace: slightly saner 'get_dumpable()' logic - CVE-2026-43490
ksmbd: validate inherited ACE SID length - CVE-2026-43489
liveupdate: luo_file: remember retrieve() status - CVE-2026-43487
ata: libata-core: Disable LPM on ST1000DM010-2EP102 - CVE-2026-43488
usb: xhci: Prevent interrupt storm on host controller error
V. Comments for CVE-2024-39480
No comments yet