PT-2024-9000 · Linux+5 · Linux Kernel+5

Bui Quang Minh

·

Published

2024-04-25

·

Updated

2025-05-13

·

CVE-2024-36934

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)
Description: The issue is related to errors in reading beyond the buffer memory boundaries in the bna component of the Linux kernel. This can lead to an out-of-bounds (OOB) read when using sscanf. The problem arises because the copied buffer is not ensured to be NUL terminated, which can cause issues when sscanf is used on this buffer.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Out of bounds Read

Memory Corruption

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-125CWE-787CWE-20

Related Identifiers

BDU:2024-10682
CVE-2024-36934
DLA-3840-1
DLA-3843-1
DSA-5703-1
MGASA-2024-0263
MGASA-2024-0266
OESA-2024-1736
OESA-2024-2124
OESA-2024-2126
OESA-2024-2153
OESA-2024-2258
OPENSUSE-SU-2024_2372-1
OPENSUSE-SU-2024_2394-1
SUSE-SU-2024:2360-1
SUSE-SU-2024:2372-1
SUSE-SU-2024:2381-1
SUSE-SU-2024:2394-1
SUSE-SU-2024:2561-1
SUSE-SU-2024:2571-1
SUSE-SU-2024:2896-1
SUSE-SU-2024:2939-1
SUSE-SU-2024:2973-1
SUSE-SU-2025:20008-1
SUSE-SU-2025:20028-1
USN-6949-1
USN-6949-2
USN-6950-1
USN-6950-2
USN-6950-3
USN-6950-4
USN-6951-1
USN-6951-2
USN-6951-3
USN-6951-4
USN-6952-1
USN-6952-2
USN-6953-1
USN-6955-1
USN-6956-1
USN-6957-1
USN-6979-1
USN-7019-1
USN-7496-1
USN-7496-2
USN-7496-3
USN-7496-4
USN-7496-5
USN-7506-1
USN-7506-2
USN-7506-3
USN-7506-4

Affected Products

Astra Linux
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu