PT-2024-1423 · Linux+10 · Linux Kernel+10

Gui-Dong Han

+1

·

Publicado

2024-01-25

·

Atualizado

2026-05-12

·

CVE-2024-23307

CVSS v3.1

7.8

Alta

VetorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Nome do software vulnerável e versões afetadas
Versões do kernel Linux anteriores à 6.6.28
Descrição
O problema está relacionado a um estouro de inteiro na função raid5 cache count() do driver RAID do kernel Linux. Isso pode permitir que um invasor comprometa a confidencialidade, integridade e disponibilidade de informações protegidas. A vulnerabilidade está associada aos módulos md, raid e raid5 no kernel Linux nas arquiteturas Linux, x86 e ARM.
Recomendações
Para versões anteriores à 6.6.28, atualize para a versão 6.6.28 ou posterior para resolver o problema.
Como solução alternativa temporária, considere restringir o acesso aos módulos vulneráveis (md, raid, raid5) para minimizar o risco de exploração.

Correção

Integer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-190

Identificadores relacionados

ALSA-2024:3618
ALSA-2024:3627
ALT-PU-2024-10855
ALT-PU-2024-1867
AZL-34004
AZL-34876
BDU:2024-00896
CESA-2024_3618
CESA-2024_3627
CVE-2024-23307
INFSA-2024_3618
INFSA-2024_3627
INFSA-2024_9315
MGASA-2024-0141
MGASA-2024-0142
OESA-2024-1344
OESA-2024-1355
OESA-2024-1356
OESA-2024-1357
OESA-2024-1392
OESA-2024-1393
OPENSUSE-SU-2024:13817-1
OPENSUSE-SU-2024_1322-1
OPENSUSE-SU-2024_1322-2
OPENSUSE-SU-2024_1332-1
OPENSUSE-SU-2024_1332-2
OPENSUSE-SU-2024_1466-1
OPENSUSE-SU-2024_1480-1
OPENSUSE-SU-2024_1490-1
OPENSUSE-SU-2024_1641-1
OPENSUSE-SU-2024_1642-1
OPENSUSE-SU-2024_1644-1
OPENSUSE-SU-2024_1659-1
OPENSUSE-SU-2024_1663-1
OPENSUSE-SU-2024_3623-1
OPENSUSE-SU-2024_3631-1
OPENSUSE-SU-2024_3651-1
OPENSUSE-SU-2024_3652-1
OPENSUSE-SU-2024_3694-1
OPENSUSE-SU-2024_3695-1
OPENSUSE-SU-2024_3696-1
OPENSUSE-SU-2024_3697-1
OPENSUSE-SU-2024_3793-1
OPENSUSE-SU-2024_3798-1
OPENSUSE-SU-2024_3814-1
OPENSUSE-SU-2024_3815-1
OPENSUSE-SU-2024_3829-1
OPENSUSE-SU-2024_3837-1
OPENSUSE-SU-2024_3842-1
OPENSUSE-SU-2024_3851-1
OPENSUSE-SU-2024_3852-1
OPENSUSE-SU-2024_4122-1
OPENSUSE-SU-2024_4123-1
OPENSUSE-SU-2024_4214-1
OPENSUSE-SU-2024_4218-1
OPENSUSE-SU-2024_4234-1
OPENSUSE-SU-2024_4235-1
OPENSUSE-SU-2024_4256-1
OPENSUSE-SU-2024_4264-1
OPENSUSE-SU-2024_4266-1
OPENSUSE-SU-2025:14705-1
OPENSUSE-SU-2025_0101-1
OPENSUSE-SU-2025_0106-1
OPENSUSE-SU-2025_0107-1
OPENSUSE-SU-2025_0109-1
OPENSUSE-SU-2025_0115-1
OPENSUSE-SU-2025_0150-1
OPENSUSE-SU-2025_0158-1
OPENSUSE-SU-2025_0240-1
OPENSUSE-SU-2025_0244-1
OPENSUSE-SU-2025_0248-1
OPENSUSE-SU-2025_0251-1
OPENSUSE-SU-2025_0252-1
OPENSUSE-SU-2025_0261-1
OPENSUSE-SU-2025_0266-1
RHSA-2024:3618
RHSA-2024:3627
RHSA-2024:9315
RHSA-2024_3618
RHSA-2024_3627
RHSA-2024_9315
RHSA-2025:1658
RLSA-2024:3618
RLSA-2024:3627
SUSE-SU-2024:1466-1
SUSE-SU-2024:1480-1
SUSE-SU-2024:1490-1
SUSE-SU-2024:1641-1
SUSE-SU-2024:1642-1
SUSE-SU-2024:1643-1
SUSE-SU-2024:1644-1
SUSE-SU-2024:1645-1
SUSE-SU-2024:1646-1
SUSE-SU-2024:1647-1
SUSE-SU-2024:1650-1
SUSE-SU-2024:1659-1
SUSE-SU-2024:1663-1
SUSE-SU-2024:1870-1
SUSE-SU-2024:2326-1
SUSE-SU-2024:2337-1
SUSE-SU-2024:2338-1
SUSE-SU-2024:2341-1
SUSE-SU-2024:2342-1
SUSE-SU-2024:2343-1
SUSE-SU-2024:2344-1
SUSE-SU-2024:2357-1
SUSE-SU-2024:2358-1
SUSE-SU-2024:2368-1
SUSE-SU-2024:2373-1
SUSE-SU-2024:2382-1
SUSE-SU-2024:2396-1
SUSE-SU-2024:2437-1
SUSE-SU-2024:2446-1
SUSE-SU-2024:2447-1
SUSE-SU-2024:2448-1
SUSE-SU-2024:2472-1
SUSE-SU-2024:2487-1
SUSE-SU-2024:2488-1
SUSE-SU-2024:2530-1
SUSE-SU-2024:2549-1
SUSE-SU-2024:2558-1
SUSE-SU-2024:2722-1
SUSE-SU-2024:2740-1
SUSE-SU-2024:2751-1
SUSE-SU-2024:2755-1
SUSE-SU-2024:2758-1
SUSE-SU-2024:2773-1
SUSE-SU-2024:2821-1
SUSE-SU-2024:2824-1
SUSE-SU-2024:2825-1
SUSE-SU-2024:2840-1
SUSE-SU-2024:2850-1
SUSE-SU-2024:2851-1
SUSE-SU-2024:3034-1
SUSE-SU-2024:3037-1
SUSE-SU-2024:3043-1
SUSE-SU-2024:3044-1
SUSE-SU-2024:3048-1
SUSE-SU-2024:3318-1
SUSE-SU-2024:3347-1
SUSE-SU-2024:3368-1
SUSE-SU-2024:3375-1
SUSE-SU-2024:3379-1
SUSE-SU-2024:3399-1
SUSE-SU-2024:3623-1
SUSE-SU-2024:3631-1
SUSE-SU-2024:3642-1
SUSE-SU-2024:3649-1
SUSE-SU-2024:3651-1
SUSE-SU-2024:3652-1
SUSE-SU-2024:3662-1
SUSE-SU-2024:3694-1
SUSE-SU-2024:3695-1
SUSE-SU-2024:3696-1
SUSE-SU-2024:3697-1
SUSE-SU-2024:3793-1
SUSE-SU-2024:3796-1
SUSE-SU-2024:3798-1
SUSE-SU-2024:3803-1
SUSE-SU-2024:3814-1
SUSE-SU-2024:3815-1
SUSE-SU-2024:3820-1
SUSE-SU-2024:3829-1
SUSE-SU-2024:3837-1
SUSE-SU-2024:3842-1
SUSE-SU-2024:3851-1
SUSE-SU-2024:3852-1
SUSE-SU-2024:4122-1
SUSE-SU-2024:4123-1
SUSE-SU-2024:4214-1
SUSE-SU-2024:4218-1
SUSE-SU-2024:4226-1
SUSE-SU-2024:4234-1
SUSE-SU-2024:4235-1
SUSE-SU-2024:4242-1
SUSE-SU-2024:4256-1
SUSE-SU-2024:4263-1
SUSE-SU-2024:4264-1
SUSE-SU-2024:4266-1
SUSE-SU-2025:0101-1
SUSE-SU-2025:0103-1
SUSE-SU-2025:0106-1
SUSE-SU-2025:0107-1
SUSE-SU-2025:0109-1
SUSE-SU-2025:0115-1
SUSE-SU-2025:0150-1
SUSE-SU-2025:0158-1
SUSE-SU-2025:0240-1
SUSE-SU-2025:0244-1
SUSE-SU-2025:0248-1
SUSE-SU-2025:0251-1
SUSE-SU-2025:0252-1
SUSE-SU-2025:0261-1
SUSE-SU-2025:0266-1
SUSE-SU-2025:0834-1
SUSE-SU-2025_0834-1
USN-6816-1
USN-6817-1
USN-6817-2
USN-6817-3
USN-6865-1
USN-6866-1
USN-6866-2
USN-6866-3
USN-6878-1
USN-6895-1
USN-6895-2
USN-6895-3
USN-6895-4
USN-6896-1
USN-6896-2
USN-6896-3
USN-6896-4
USN-6896-5
USN-6898-1
USN-6898-2
USN-6898-3
USN-6898-4
USN-6900-1
USN-6917-1
USN-6919-1
USN-6927-1
USN-7019-1

Produtos afetados

Alt Linux
Almalinux
Astra Linux
Centos
Debian
Linuxmint
Linux Kernel
Red Hat
Rocky Linux
Suse
Ubuntu