216.73.216.67

CVE-2024-35915

· Published 19/05/2024 09:15 · Modified 19/05/2024 09:15

Labels: CVE-2024-35915 2024-05-19416baaa9-dc9f-4396-8d5f-8c081fb06d67CVE-2024-35915

Essential information

Published
19/05/2024 09:15
Modified
19/05/2024 09:15
Author
Creator
CISA KEV
No
CWE

Description

In the Linux kernel, the following vulnerability has been resolved: nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet syzbot reported the following uninit-value access issue [1][2]: nci_rx_work() parses and processes received packet. When the payload length is zero, each message type handler reads uninitialized payload and KMSAN detects this issue. The receipt of a packet with a zero-size payload is considered unexpected, and therefore, such packets should be silently discarded. This patch resolved this issue by checking payload size before calling each message type handler codes.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
416baaa9-dc9f-4396-8d5f-8c081fb06d67
NVD
View on NVD

References