PT-2024-21520 · Linux+9 · Linux Kernel+9
Published
2024-02-11
·
Updated
2026-03-14
·
CVE-2024-26828
CVSS v2.0
7.1
High
| Base vector | Vector | AV:A/AC:L/Au:S/C:N/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
The issue is related to a fix for an underflow in the
parse server interfaces() function. In this loop, the code checks if the size left is greater than the minimum size needed after each item. However, the problem arises because bytes left is of type ssize t while sizeof() is of type size t, leading to type promotion and an unsigned comparison. This results in the loop continuing instead of ending when there are negative bytes left.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
DoS
Integer Underflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
ALSA-2024:5363
ALSA-2025_16880
BDU:2025-04405
CVE-2024-26828
INFSA-2024_5363
LSN-0105-1
OESA-2024-1617
OESA-2024-1618
OESA-2024-1620
OESA-2024-1621
OESA-2024-1622
OESA-2024-1647
OPENSUSE-SU-2024_2185-1
OPENSUSE-SU-2024_2189-1
OPENSUSE-SU-2024_3623-1
OPENSUSE-SU-2024_3625-1
OPENSUSE-SU-2024_3631-1
OPENSUSE-SU-2024_3632-1
OPENSUSE-SU-2024_3639-1
OPENSUSE-SU-2024_3651-1
OPENSUSE-SU-2024_3652-1
OPENSUSE-SU-2024_3679-1
OPENSUSE-SU-2024_3685-1
OPENSUSE-SU-2024_3694-1
OPENSUSE-SU-2024_3695-1
OPENSUSE-SU-2024_3696-1
OPENSUSE-SU-2024_3697-1
OPENSUSE-SU-2024_3700-1
OPENSUSE-SU-2024_3701-1
OPENSUSE-SU-2024_3710-1
OPENSUSE-SU-2024_3793-1
OPENSUSE-SU-2024_3798-1
OPENSUSE-SU-2024_3806-1
OPENSUSE-SU-2024_3814-1
OPENSUSE-SU-2024_3815-1
OPENSUSE-SU-2024_3829-1
OPENSUSE-SU-2024_3830-1
OPENSUSE-SU-2024_3831-1
OPENSUSE-SU-2024_3837-1
OPENSUSE-SU-2024_3842-1
OPENSUSE-SU-2024_3851-1
OPENSUSE-SU-2024_3852-1
OPENSUSE-SU-2024_3854-1
OPENSUSE-SU-2024_3855-1
OPENSUSE-SU-2024_3857-1
OPENSUSE-SU-2024_3860-1
OPENSUSE-SU-2024_4122-1
OPENSUSE-SU-2024_4123-1
OPENSUSE-SU-2024_4124-1
OPENSUSE-SU-2024_4125-1
OPENSUSE-SU-2024_4180-1
OPENSUSE-SU-2024_4207-1
OPENSUSE-SU-2024_4214-1
OPENSUSE-SU-2024_4216-1
OPENSUSE-SU-2024_4218-1
OPENSUSE-SU-2024_4234-1
OPENSUSE-SU-2024_4235-1
OPENSUSE-SU-2024_4236-1
OPENSUSE-SU-2024_4243-1
OPENSUSE-SU-2024_4256-1
OPENSUSE-SU-2024_4264-1
OPENSUSE-SU-2024_4266-1
OPENSUSE-SU-2025_0101-1
OPENSUSE-SU-2025_0106-1
OPENSUSE-SU-2025_0107-1
OPENSUSE-SU-2025_0109-1
OPENSUSE-SU-2025_0114-1
OPENSUSE-SU-2025_0115-1
OPENSUSE-SU-2025_0124-1
OPENSUSE-SU-2025_0137-1
OPENSUSE-SU-2025_0146-1
OPENSUSE-SU-2025_0150-1
OPENSUSE-SU-2025_0158-1
OPENSUSE-SU-2025_0164-1
OPENSUSE-SU-2025_0238-1
OPENSUSE-SU-2025_0240-1
OPENSUSE-SU-2025_0244-1
OPENSUSE-SU-2025_0248-1
OPENSUSE-SU-2025_0251-1
OPENSUSE-SU-2025_0252-1
OPENSUSE-SU-2025_0253-1
OPENSUSE-SU-2025_0254-1
OPENSUSE-SU-2025_0261-1
OPENSUSE-SU-2025_0264-1
OPENSUSE-SU-2025_0266-1
RHSA-2024:3460
RHSA-2024:3461
RHSA-2024:5363
RHSA-2024_5363
RLSA-2024:5363
SUSE-SU-2024:1979-1
SUSE-SU-2024:1983-1
SUSE-SU-2024:2008-1
SUSE-SU-2024:2010-1
SUSE-SU-2024:2011-1
SUSE-SU-2024:2019-1
SUSE-SU-2024:2135-1
SUSE-SU-2024:2183-1
SUSE-SU-2024:2184-1
SUSE-SU-2024:2185-1
SUSE-SU-2024:2189-1
SUSE-SU-2024:2190-1
SUSE-SU-2024:2326-1
SUSE-SU-2024:2335-1
SUSE-SU-2024:2337-1
SUSE-SU-2024:2338-1
SUSE-SU-2024:2341-1
SUSE-SU-2024:2342-1
SUSE-SU-2024:2343-1
SUSE-SU-2024:2344-1
SUSE-SU-2024:2351-1
SUSE-SU-2024:2357-1
SUSE-SU-2024:2358-1
SUSE-SU-2024:2368-1
SUSE-SU-2024:2369-1
SUSE-SU-2024:2373-1
SUSE-SU-2024:2382-1
SUSE-SU-2024:2396-1
SUSE-SU-2024:2407-1
SUSE-SU-2024:2410-1
SUSE-SU-2024:2437-1
SUSE-SU-2024:2446-1
SUSE-SU-2024:2447-1
SUSE-SU-2024:2448-1
SUSE-SU-2024:2449-1
SUSE-SU-2024:2472-1
SUSE-SU-2024:2473-1
SUSE-SU-2024:2474-1
SUSE-SU-2024:2480-1
SUSE-SU-2024:2487-1
SUSE-SU-2024:2488-1
SUSE-SU-2024:2530-1
SUSE-SU-2024:2549-1
SUSE-SU-2024:2558-1
SUSE-SU-2024:2559-1
SUSE-SU-2024:2722-1
SUSE-SU-2024:2723-1
SUSE-SU-2024:2725-1
SUSE-SU-2024:2726-1
SUSE-SU-2024:2740-1
SUSE-SU-2024:2751-1
SUSE-SU-2024:2755-1
SUSE-SU-2024:2758-1
SUSE-SU-2024:2759-1
SUSE-SU-2024:2773-1
SUSE-SU-2024:2792-1
SUSE-SU-2024:2821-1
SUSE-SU-2024:2822-1
SUSE-SU-2024:2824-1
SUSE-SU-2024:2825-1
SUSE-SU-2024:2840-1
SUSE-SU-2024:2841-1
SUSE-SU-2024:2843-1
SUSE-SU-2024:2850-1
SUSE-SU-2024:2851-1
SUSE-SU-2024:2852-1
SUSE-SU-2024:3015-1
SUSE-SU-2024:3034-1
SUSE-SU-2024:3037-1
SUSE-SU-2024:3039-1
SUSE-SU-2024:3043-1
SUSE-SU-2024:3044-1
SUSE-SU-2024:3048-1
SUSE-SU-2024:3318-1
SUSE-SU-2024:3320-1
SUSE-SU-2024:3334-1
SUSE-SU-2024:3336-1
SUSE-SU-2024:3347-1
SUSE-SU-2024:3348-1
SUSE-SU-2024:3349-1
SUSE-SU-2024:3363-1
SUSE-SU-2024:3368-1
SUSE-SU-2024:3375-1
SUSE-SU-2024:3379-1
SUSE-SU-2024:3399-1
SUSE-SU-2024:3623-1
SUSE-SU-2024:3625-1
SUSE-SU-2024:3631-1
SUSE-SU-2024:3632-1
SUSE-SU-2024:3639-1
SUSE-SU-2024:3642-1
SUSE-SU-2024:3649-1
SUSE-SU-2024:3651-1
SUSE-SU-2024:3652-1
SUSE-SU-2024:3662-1
SUSE-SU-2024:3663-1
SUSE-SU-2024:3679-1
SUSE-SU-2024:3685-1
SUSE-SU-2024:3694-1
SUSE-SU-2024:3695-1
SUSE-SU-2024:3696-1
SUSE-SU-2024:3697-1
SUSE-SU-2024:3700-1
SUSE-SU-2024:3701-1
SUSE-SU-2024:3710-1
SUSE-SU-2024:3793-1
SUSE-SU-2024:3796-1
SUSE-SU-2024:3798-1
SUSE-SU-2024:3803-1
SUSE-SU-2024:3806-1
SUSE-SU-2024:3814-1
SUSE-SU-2024:3815-1
SUSE-SU-2024:3820-1
SUSE-SU-2024:3821-1
SUSE-SU-2024:3829-1
SUSE-SU-2024:3830-1
SUSE-SU-2024:3831-1
SUSE-SU-2024:3837-1
SUSE-SU-2024:3842-1
SUSE-SU-2024:3849-1
SUSE-SU-2024:3851-1
SUSE-SU-2024:3852-1
SUSE-SU-2024:3854-1
SUSE-SU-2024:3855-1
SUSE-SU-2024:3857-1
SUSE-SU-2024:3860-1
SUSE-SU-2024:4122-1
SUSE-SU-2024:4123-1
SUSE-SU-2024:4124-1
SUSE-SU-2024:4125-1
SUSE-SU-2024:4180-1
SUSE-SU-2024:4207-1
SUSE-SU-2024:4214-1
SUSE-SU-2024:4216-1
SUSE-SU-2024:4218-1
SUSE-SU-2024:4226-1
SUSE-SU-2024:4234-1
SUSE-SU-2024:4235-1
SUSE-SU-2024:4236-1
SUSE-SU-2024:4242-1
SUSE-SU-2024:4243-1
SUSE-SU-2024:4249-1
SUSE-SU-2024:4250-1
SUSE-SU-2024:4256-1
SUSE-SU-2024:4263-1
SUSE-SU-2024:4264-1
SUSE-SU-2024:4266-1
SUSE-SU-2025:0091-1
SUSE-SU-2025:0101-1
SUSE-SU-2025:0103-1
SUSE-SU-2025:0106-1
SUSE-SU-2025:0107-1
SUSE-SU-2025:0109-1
SUSE-SU-2025:0114-1
SUSE-SU-2025:0115-1
SUSE-SU-2025:0124-1
SUSE-SU-2025:0137-1
SUSE-SU-2025:0146-1
SUSE-SU-2025:0150-1
SUSE-SU-2025:0158-1
SUSE-SU-2025:0164-1
SUSE-SU-2025:0238-1
SUSE-SU-2025:0240-1
SUSE-SU-2025:0244-1
SUSE-SU-2025:0248-1
SUSE-SU-2025:0251-1
SUSE-SU-2025:0252-1
SUSE-SU-2025:0253-1
SUSE-SU-2025:0254-1
SUSE-SU-2025:0261-1
SUSE-SU-2025:0264-1
SUSE-SU-2025:0266-1
SUSE-SU-2025:20008-1
SUSE-SU-2025:20028-1
USN-6895-1
USN-6895-2
USN-6895-3
USN-6895-4
USN-6896-1
USN-6896-2
USN-6896-3
USN-6896-4
USN-6896-5
USN-6898-1
USN-6898-2
USN-6898-3
USN-6898-4
USN-6900-1
USN-6917-1
USN-6919-1
USN-6927-1
USN-7019-1
Affected Products
Almalinux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu
References · 4176
- 🔥 https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/26xxx/CVE-2024-26828.json⭐ 2707 🔗 591 · Exploit
- https://ubuntu.com/security/CVE-2024-41097 · Vendor Advisory
- https://ubuntu.com/security/CVE-2024-42092 · Vendor Advisory
- https://ubuntu.com/security/CVE-2023-52699 · Vendor Advisory
- https://ubuntu.com/security/notices/USN-6927-1 · Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2024-26875 · Security Note
- https://ubuntu.com/security/CVE-2024-27077 · Vendor Advisory
- https://ubuntu.com/security/CVE-2024-42102 · Vendor Advisory
- https://ubuntu.com/security/CVE-2024-40929 · Vendor Advisory
- https://ubuntu.com/security/notices/USN-6898-2 · Vendor Advisory
- https://ubuntu.com/security/CVE-2024-26895 · Vendor Advisory
- https://ubuntu.com/security/CVE-2024-26994 · Vendor Advisory
- https://ubuntu.com/security/CVE-2024-26772 · Vendor Advisory
- https://ubuntu.com/security/CVE-2024-26848 · Vendor Advisory
- https://ubuntu.com/security/CVE-2024-26956 · Vendor Advisory