Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: tipc: Return non-zero value from tipc_udp_addr2str() on error tipc_udp_addr2str() should return non-zero value if the UDP media address is invalid. Otherwise, a buffer overflow access can occur in tipc_media_addr_printf(). Fix this by returning 1 on an invalid UDP media address.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 4.1, < 4.19.320 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/253405541be2f15ffebdeac2f4cf4b7e9144d12fPatch
- https://git.kernel.org/stable/c/2abe350db1aa599eeebc6892237d0bce0f1de62aPatch
- https://git.kernel.org/stable/c/5eea127675450583680c8170358bcba43227bd69Patch
- https://git.kernel.org/stable/c/728734352743a78b4c5a7285b282127696a4a813Patch
- https://git.kernel.org/stable/c/76ddf84a52f0d8ec3f5db6ccce08faf202a17d28Patch
- https://git.kernel.org/stable/c/7ec3335dd89c8d169e9650e4bac64fde71fdf15bPatch
- https://git.kernel.org/stable/c/aa38bf74899de07cf70b50cd17f8ad45fb6654c8Patch
- https://git.kernel.org/stable/c/fa96c6baef1b5385e2f0c0677b32b3839e716076Patch
- https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html
- https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
FAQ
What is CVE-2024-42284?
CVE-2024-42284 is a vulnerability with a CVSS score of 7.8 (HIGH). In the Linux kernel, the following vulnerability has been resolved: tipc: Return non-zero value from tipc_udp_addr2str() on error tipc_udp_addr2str() should return non-zero value if the UDP media ad...
How severe is CVE-2024-42284?
CVE-2024-42284 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-42284?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.