U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

CVE-2024-27436 Detail

Description

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Stop parsing channels bits when all channels are found. If a usb audio device sets more bits than the amount of channels it could write outside of the map array.


Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.
CVSS 4.0 Severity and Vector Strings:

NIST CVSS score
NIST: NVD
N/A
NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Hyperlink Resource
https://git.kernel.org/stable/c/22cad1b841a63635a38273b799b4791f202ade72
https://git.kernel.org/stable/c/5cd466673b34bac369334f66cbe14bb77b7d7827
https://git.kernel.org/stable/c/629af0d5fe94a35f498ba2c3f19bd78bfa591be6
https://git.kernel.org/stable/c/6d5dc96b154be371df0d62ecb07efe400701ed8a
https://git.kernel.org/stable/c/6d88b289fb0a8d055cb79d1c46a56aba7809d96d
https://git.kernel.org/stable/c/7e2c1b0f6dd9abde9e60f0f9730026714468770f
https://git.kernel.org/stable/c/9af1658ba293458ca6a13f70637b9654fa4be064
https://git.kernel.org/stable/c/a39d51ff1f52cd0b6fe7d379ac93bd8b4237d1b7
https://git.kernel.org/stable/c/c8a24fd281dcdf3c926413dafbafcf35cde517a9

Weakness Enumeration

CWE-ID CWE Name Source
CWE-787 Out-of-bounds Write CISA-ADP  

Change History

6 change records found show changes

Quick Info

CVE Dictionary Entry:
CVE-2024-27436
NVD Published Date:
05/17/2024
NVD Last Modified:
11/07/2024
Source:
kernel.org