CVE-2024-41016

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-41016
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-41016.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-41016
Downstream
Related
Published
2024-07-29T06:37:02.530Z
Modified
2026-03-14T12:35:05.087480Z
Summary
ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry()
Details

In the Linux kernel, the following vulnerability has been resolved:

ocfs2: strict bound check before memcmp in ocfs2xattrfind_entry()

xattr in ocfs2 maybe 'non-indexed', which saved with additional space requested. It's better to check if the memory is out of bound before memcmp, although this possibility mainly comes from crafted poisonous images.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/41xxx/CVE-2024-41016.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
cf1d6c763fbcb115263114302485ad17e7933d87
Fixed
e2b3d7a9d019d4d1a0da6c3ea64a1ff79c99c090
Fixed
e8f9c4af7af7e9e4cd09c0251c7936593147419f
Fixed
57a3d89831fcaa2cdbe024b47c7c36d5a56c3637
Fixed
c031d286eceb82f72f8623b7f4abd2aa491bfb5e
Fixed
cfb926051fab19b10d1e65976211f364aa820180
Fixed
c726dea9d0c806d64c26fcef483b1fb9474d8c5e
Fixed
e4ffea01adf3323c821b6f37e9577d2d400adbaa
Fixed
af77c4fc1871847b528d58b7fdafb4aa1f6a9262

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-41016.json"