PT-2024-9052 · Linux+5 · Linux Kernel+5

Brian Kubisiak

·

Published

2024-04-05

·

Updated

2025-02-03

·

CVE-2024-38578

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.37
Description: The vulnerability is related to a buffer size issue in the ecryptfs component of the Linux kernel. Specifically, the 'TAG 66 Packet Format' description is missing the cipher code and checksum fields, resulting in a buffer allocation that is 3 bytes too small. This can cause the write tag 66 packet() function to write up to 3 bytes past the end of the buffer, leading to a slab-out-of-bounds bug. The issue is fixed by increasing the size of the allocation to ensure the whole packet fits in the buffer.
Recommendations: To resolve the issue, update the Linux kernel to version 6.6.37 or later. If updating is not possible, consider disabling the ecryptfs component or restricting its use to minimize the risk of exploitation.

Exploit

Fix

Out of bounds Read

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-125CWE-787

Related Identifiers

BDU:2024-10734
CVE-2024-38578
DLA-3840-1
DSA-5730-1
MGASA-2024-0263
MGASA-2024-0266
OESA-2024-1835
OESA-2024-1894
OESA-2024-1896
OESA-2024-1897
OPENSUSE-SU-2024_2372-1
OPENSUSE-SU-2024_2394-1
SUSE-SU-2024:2360-1
SUSE-SU-2024:2372-1
SUSE-SU-2024:2381-1
SUSE-SU-2024:2385-1
SUSE-SU-2024:2394-1
SUSE-SU-2024:2495-1
SUSE-SU-2024:2561-1
SUSE-SU-2024:2571-1
SUSE-SU-2024:2896-1
SUSE-SU-2024:2939-1
SUSE-SU-2024:2973-1
SUSE-SU-2025:20008-1
SUSE-SU-2025:20028-1
USN-6949-1
USN-6949-2
USN-6951-1
USN-6951-2
USN-6951-3
USN-6951-4
USN-6952-1
USN-6952-2
USN-6953-1
USN-6955-1
USN-6979-1
USN-7007-1
USN-7007-2
USN-7007-3
USN-7009-1
USN-7009-2
USN-7019-1

Affected Products

Astra Linux
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu