CVE-2024-39480

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://git.kernel.org/stable/c/fb824a99e148ff272a53d71d84122728b5f00992", "name": "https://git.kernel.org/stable/c/fb824a99e148ff272a53d71d84122728b5f00992", "tags": ["Mailing List", "Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/ddd2972d8e2dee3b33e8121669d55def59f0be8a", "name": "https://git.kernel.org/stable/c/ddd2972d8e2dee3b33e8121669d55def59f0be8a", "tags": ["Mailing List", "Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/cfdc2fa4db57503bc6d3817240547c8ddc55fa96", "name": "https://git.kernel.org/stable/c/cfdc2fa4db57503bc6d3817240547c8ddc55fa96", "tags": ["Mailing List", "Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/f636a40834d22e5e3fc748f060211879c056cd33", "name": "https://git.kernel.org/stable/c/f636a40834d22e5e3fc748f060211879c056cd33", "tags": ["Mailing List", "Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/33d9c814652b971461d1e30bead6792851c209e7", "name": "https://git.kernel.org/stable/c/33d9c814652b971461d1e30bead6792851c209e7", "tags": ["Mailing List", "Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/107e825cc448b7834b31e8b1b3cf0f57426d46d5", "name": "https://git.kernel.org/stable/c/107e825cc448b7834b31e8b1b3cf0f57426d46d5", "tags": ["Mailing List", "Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/f694da720dcf795dc3eb97bf76d220213f76aaa7", "name": "https://git.kernel.org/stable/c/f694da720dcf795dc3eb97bf76d220213f76aaa7", "tags": ["Mailing List", "Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/e9730744bf3af04cda23799029342aa3cddbc454", "name": "https://git.kernel.org/stable/c/e9730744bf3af04cda23799029342aa3cddbc454", "tags": ["Mailing List", "Patch"], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nkdb: Fix buffer overflow during tab-complete\n\nCurrently, when the user attempts symbol completion with the Tab key, kdb\nwill use strncpy() to insert the completed symbol into the command buffer.\nUnfortunately it passes the size of the source buffer rather than the\ndestination to strncpy() with predictably horrible results. Most obviously\nif the command buffer is already full but cp, the cursor position, is in\nthe middle of the buffer, then we will write past the end of the supplied\nbuffer.\n\nFix this by replacing the dubious strncpy() calls with memmove()/memcpy()\ncalls plus explicit boundary checks to make sure we have enough space\nbefore we start moving characters around."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-120"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2024-39480", "ASSIGNER": "cve@kernel.org"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}}, "publishedDate": "2024-07-05T07:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "5.10.219", "versionStartIncluding": "5.10"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "5.15.161", "versionStartIncluding": "5.15"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "5.4.278", "versionStartIncluding": "5.4"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "4.19.316", "versionStartIncluding": "4.19"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "6.9.5", "versionStartIncluding": "6.9"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "6.6.34", "versionStartIncluding": "6.6"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "6.1.94", "versionStartIncluding": "6.1"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2024-08-21T08:35Z"}