NVD

CVE-2024-26613 Detail

Rejected

CVE has been marked "REJECT" in the CVE List. These CVEs are stored in the NVD, but do not show up in search results.

Description

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.

CVSS 4.0 Severity and Vector Strings:

NIST: NVD

N/A

NVD assessment not yet provided.

CVSS 3.x Severity and Vector Strings:

NIST: NVD

Base Score: N/A

NVD assessment not yet provided.

CVSS 2.0 Severity and Vector Strings:

National Institute of Standards and Technology

NIST: NVD

Base Score: N/A

NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Hyperlink	Resource

Weakness Enumeration

CWE-ID	CWE Name	Source

Change History

4 change records found show changes

CVE Modified by kernel.org 3/12/2024 10:15:07 AM

Action	Type	Old Value	New Value
Changed	Description	Record truncated, showing 500 of 1702 characters. View Entire Change Record In the Linux kernel, the following vulnerability has been resolved: net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv Syzcaller UBSAN crash occurs in rds_cmsg_recv(), which reads inc->i_rx_lat_trace[j + 1] with index 4 (3 + 1), but with array size of 4 (RDS_RX_MAX_TRACES). Here 'j' is assigned from rs->rs_rx_trace[i] and in-turn from trace.rx_trace_pos[i] in rds_recv_track_latency(), with both arrays sized 3 (RDS_MSG_RX_DGRAM_TRACE_MAX). So fix the off-by-one bounds check in rds_r	Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Removed	Reference	Linux https://git.kernel.org/stable/c/00d1ee8e1d02194f7b7b433e904e04bbcd2cc0dc
Removed	Reference	Linux https://git.kernel.org/stable/c/0b787c2dea15e7a2828fa3a74a5447df4ed57711
Removed	Reference	Linux https://git.kernel.org/stable/c/13e788deb7348cc88df34bed736c3b3b9927ea52
Removed	Reference	Linux https://git.kernel.org/stable/c/344350bfa3b4b37d7c3d5a00536e6fbf0e953fbf
Removed	Reference	Linux https://git.kernel.org/stable/c/5ae8d50044633306ff160fcf7faa24994175efe1
Removed	Reference	Linux https://git.kernel.org/stable/c/71024928b3f71ce4529426f8692943205c58d30b
Removed	Reference	Linux https://git.kernel.org/stable/c/7a73190ea557e7f26914b0fe04c1f57a96cb771f
Removed	Reference	Linux https://git.kernel.org/stable/c/a37ae111db5e0f7e3d6b692056c30e3e0f6f79cd

New CVE Received from kernel.org 3/11/2024 2:15:19 PM

Action	Type	New Value
Added	Description	Record truncated, showing 500 of 1702 characters. View Entire Change Record In the Linux kernel, the following vulnerability has been resolved: net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv Syzcaller UBSAN crash occurs in rds_cmsg_recv(), which reads inc->i_rx_lat_trace[j + 1] with index 4 (3 + 1), but with array size of 4 (RDS_RX_MAX_TRACES). Here 'j' is assigned from rs->rs_rx_trace[i] and in-turn from trace.rx_trace_pos[i] in rds_recv_track_latency(), with both arrays sized 3 (RDS_MSG_RX_DGRAM_TRACE_MAX). So fix the off-by-one bounds check in rds_r
Added	Reference	Linux https://git.kernel.org/stable/c/00d1ee8e1d02194f7b7b433e904e04bbcd2cc0dc [No types assigned]
Added	Reference	Linux https://git.kernel.org/stable/c/0b787c2dea15e7a2828fa3a74a5447df4ed57711 [No types assigned]
Added	Reference	Linux https://git.kernel.org/stable/c/13e788deb7348cc88df34bed736c3b3b9927ea52 [No types assigned]
Added	Reference	Linux https://git.kernel.org/stable/c/344350bfa3b4b37d7c3d5a00536e6fbf0e953fbf [No types assigned]
Added	Reference	Linux https://git.kernel.org/stable/c/5ae8d50044633306ff160fcf7faa24994175efe1 [No types assigned]
Added	Reference	Linux https://git.kernel.org/stable/c/71024928b3f71ce4529426f8692943205c58d30b [No types assigned]
Added	Reference	Linux https://git.kernel.org/stable/c/7a73190ea557e7f26914b0fe04c1f57a96cb771f [No types assigned]
Added	Reference	Linux https://git.kernel.org/stable/c/a37ae111db5e0f7e3d6b692056c30e3e0f6f79cd [No types assigned]

Quick Info

CVE Dictionary Entry:
CVE-2024-26613
NVD Published Date:
03/11/2024
NVD Last Modified:
03/12/2024
Source:
kernel.org

You are viewing this page in an unauthorized frame window.

Information Technology Laboratory

National Vulnerability Database

National Vulnerability Database

CVE-2024-26613 Detail

Description

Metrics

References to Advisories, Solutions, and Tools

Weakness Enumeration

Change History

CVE Translated by kernel.org 3/12/2024 10:15:07 AM

CVE Modified by kernel.org 3/12/2024 10:15:07 AM

CVE Rejected by kernel.org 3/12/2024 10:15:07 AM

New CVE Received from kernel.org 3/11/2024 2:15:19 PM

Quick Info