PT-2024-7195 · Linux+10 · Linux Kernel+10

Shigeru Yoshida

+1

·

Published

2024-07-24

·

Updated

2025-09-29

·

CVE-2024-42284

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.50
Description The issue is related to a buffer overflow in the tipc udp addr2str() function in the Linux kernel's TIPC (Transparent Inter Process Communication) protocol implementation. This can occur when an invalid UDP media address is provided, potentially leading to a buffer overflow access in tipc media addr printf(). The vulnerability may allow an attacker to impact the confidentiality, integrity, and availability of protected information.
Recommendations To resolve the issue, update the Linux kernel to version 6.6.50 or later. As a temporary workaround, consider modifying the tipc udp addr2str() function to return a non-zero value when an invalid UDP media address is encountered, thus preventing the buffer overflow access in tipc media addr printf().

Exploit

Fix

Improper Check for Exceptional Conditions

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-754

Related Identifiers

ALSA-2024:8162
ALSA-2024:8856
ALSA-2024:8870
ALSA-2025_16880
ALT-PU-2024-11345
ALT-PU-2024-11524
ALT-PU-2024-11577
ALT-PU-2024-11855
ALT-PU-2024-11863
ALT-PU-2024-12232
ALT-PU-2024-12537
ALT-PU-2024-13121
ALT-PU-2024-13979
ALT-PU-2024-14046
AZL-47796
AZL-47835
BDU:2024-08534
CESA-2024_8856
CESA-2024_8870
CVE-2024-42284
DLA-3912-1
DLA-4008-1
INFSA-2024_8162
INFSA-2024_8856
INFSA-2024_8870
MGASA-2024-0309
MGASA-2024-0310
OESA-2024-2076
OESA-2024-2077
OESA-2024-2078
OESA-2024-2079
OESA-2024-2080
OPENSUSE-SU-2024_3190-1
OPENSUSE-SU-2024_3209-1
OPENSUSE-SU-2024_3483-1
RHSA-2024:8107
RHSA-2024:8157
RHSA-2024:8158
RHSA-2024:8162
RHSA-2024:8856
RHSA-2024:8870
RHSA-2024_8162
RHSA-2024_8856
RHSA-2024_8870
RLSA-2024:8162
RLSA-2024:8856
RLSA-2024:8870
SUSE-SU-2024:3189-1
SUSE-SU-2024:3190-1
SUSE-SU-2024:3194-1
SUSE-SU-2024:3195-1
SUSE-SU-2024:3209-1
SUSE-SU-2024:3251-1
SUSE-SU-2024:3252-1
SUSE-SU-2024:3383-1
SUSE-SU-2024:3483-1
SUSE-SU-2025:20044-1
SUSE-SU-2025:20047-1
USN-7069-1
USN-7069-2
USN-7088-1
USN-7088-2
USN-7088-3
USN-7088-4
USN-7088-5
USN-7100-1
USN-7100-2
USN-7110-1
USN-7119-1
USN-7123-1
USN-7144-1
USN-7154-1
USN-7154-2
USN-7155-1
USN-7156-1
USN-7194-1
USN-7196-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu