Vulnerability CVE-2024-27401


Published: 2024-05-14

Description:
In the Linux kernel, the following vulnerability has been resolved:

firewire: nosy: ensure user_length is taken into account when fetching packet contents

Ensure that packet_buffer_get respects the user_length provided. If
the length of the head packet exceeds the user_length, packet_buffer_get
will now return 0 to signify to the user that no data were read
and a larger buffer size is required. Helps prevent user space overflows.

 References:
https://git.kernel.org/stable/c/38762a0763c10c24a4915feee722d7aa6e73eb98

Copyright 2026, cxsecurity.com

 

Back to Top