CVE-2024-56662— acpi: nfit: vmalloc-out-of-bounds Read in acpi_nfit_ctl
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2024-56662
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
acpi: nfit: vmalloc-out-of-bounds Read in acpi_nfit_ctl
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: acpi: nfit: vmalloc-out-of-bounds Read in acpi_nfit_ctl Fix an issue detected by syzbot with KASAN: BUG: KASAN: vmalloc-out-of-bounds in cmd_to_func drivers/acpi/nfit/ core.c:416 [inline] BUG: KASAN: vmalloc-out-of-bounds in acpi_nfit_ctl+0x20e8/0x24a0 drivers/acpi/nfit/core.c:459 The issue occurs in cmd_to_func when the call_pkg->nd_reserved2 array is accessed without verifying that call_pkg points to a buffer that is appropriately sized as a struct nd_cmd_pkg. This can lead to out-of-bounds access and undefined behavior if the buffer does not have sufficient space. To address this, a check was added in acpi_nfit_ctl() to ensure that buf is not NULL and that buf_len is less than sizeof(*call_pkg) before accessing it. This ensures safe access to the members of call_pkg, including the nd_reserved2 array.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于acpi:nfit模块中acpi_nfit_ctl函数中的vmalloc越界读取。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2024-56662
| # | POC Description | Source Link | Shenlong Link |
|---|---|---|---|
| 1 | cve | https://github.com/nimosec/cve-2024-56662 | POC Details |
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2024-56662
请登录查看更多情报信息。
Same Patch Batch · Linux · 2024-12-27 · 221 CVEs total
| CVE-2024-56606 | af_packet: avoid erroring out after sock_init_data() in packet_create() | |
| CVE-2024-56592 | bpf: Call free_htab_elem() after htab_unlock_bucket() | |
| CVE-2024-56594 | drm/amdgpu: set the right AMDGPU sg segment limitation | |
| CVE-2024-56595 | jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree | |
| CVE-2024-56596 | jfs: fix array-index-out-of-bounds in jfs_readdir | |
| CVE-2024-56597 | jfs: fix shift-out-of-bounds in dbSplit | |
| CVE-2024-56598 | jfs: array-index-out-of-bounds fix in dtReadFirst | |
| CVE-2024-56599 | wifi: ath10k: avoid NULL pointer error during sdio remove | |
| CVE-2024-56601 | net: inet: do not leave a dangling sk pointer in inet_create() | |
| CVE-2024-56600 | net: inet6: do not leave a dangling sk pointer in inet6_create() | |
| CVE-2024-56602 | net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() | |
| CVE-2024-56603 | net: af_can: do not leave a dangling sk pointer in can_create() | |
| CVE-2024-56604 | Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() | |
| CVE-2024-56605 | Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() | |
| CVE-2024-56617 | cacheinfo: Allocate memory during CPU hotplug if not done from the primary CPU | |
| CVE-2024-56614 | xsk: fix OOB map writes when deleting elements | |
| CVE-2024-56615 | bpf: fix OOB devmap writes when deleting elements | |
| CVE-2024-56616 | drm/dp_mst: Fix MST sideband message body length check | |
| CVE-2024-56613 | sched/numa: fix memory leak due to the overwritten vma->numab_state | |
| CVE-2024-56618 | pmdomain: imx: gpcv2: Adjust delay after power up handshake |
Showing top 20 of 221 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same product: Linux
- CVE-2026-46333
ptrace: slightly saner 'get_dumpable()' logic - CVE-2026-43490
ksmbd: validate inherited ACE SID length - CVE-2026-43489
liveupdate: luo_file: remember retrieve() status - CVE-2026-43487
ata: libata-core: Disable LPM on ST1000DM010-2EP102 - CVE-2026-43488
usb: xhci: Prevent interrupt storm on host controller error
Same vendor: Linux
- CVE-2026-46333
ptrace: slightly saner 'get_dumpable()' logic - CVE-2026-43490
ksmbd: validate inherited ACE SID length - CVE-2026-43489
liveupdate: luo_file: remember retrieve() status - CVE-2026-43487
ata: libata-core: Disable LPM on ST1000DM010-2EP102 - CVE-2026-43488
usb: xhci: Prevent interrupt storm on host controller error
V. Comments for CVE-2024-56662
No comments yet