CVE-2024-38623

critical

Description

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Use variable length array instead of fixed size Should fix smatch warning: ntfs_set_label() error: __builtin_memcpy() 'uni->name' too small (20 vs 256)

References

https://git.kernel.org/stable/c/cceef44b34819c24bb6ed70dce5b524bd3e368d1

https://git.kernel.org/stable/c/a2de301d90b782ac5d7a5fe32995caaee9ab3a0f

https://git.kernel.org/stable/c/3839a9b19a4b70eff6b6ad70446f639f7fd5a3d7

https://git.kernel.org/stable/c/1fe1c9dc21ee52920629d2d9b9bd84358931a8d1

https://git.kernel.org/stable/c/1997cdc3e727526aa5d84b32f7cbb3f56459b7ef

Details

Source: Mitre, NVD

Published: 2024-06-21

Updated: 2025-03-24

Risk Information

CVSS v2

Base Score: 6.9

Vector: CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C

Severity: Medium

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.00855

Detections

Analytics