VYPR
Unrated severityNVD Advisory· Published May 30, 2024· Updated May 4, 2025

octeontx2-af: avoid off-by-one read from userspace

CVE-2024-36957

Description

In the Linux kernel, the following vulnerability has been resolved:

octeontx2-af: avoid off-by-one read from userspace

We try to access count + 1 byte from userspace with memdup_user(buffer, count + 1). However, the userspace only provides buffer of count bytes and only these count bytes are verified to be okay to access. To ensure the copied buffer is NUL terminated, we use memdup_user_nul instead.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

144

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.