PT-2024-32179 · Linux · Linux Kernel
Eduard Zingerman
·
Published
2024-08-31
·
Updated
2025-09-26
·
CVE-2024-46764
CVSS v3.1
7.1
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
The issue occurs in the
btf name valid section() function when the length of the name string is 1 and the value of name[0] is a NULL byte, causing an out-of-bounds vulnerability. The return value is true, allowing the invalid name to pass the check. To resolve this, it is necessary to check if the first position is a NULL byte and if the first character is printable.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Out of bounds Read
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Linux Kernel