CVE-2024-47408

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-47408
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-47408.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-47408
Downstream
Related
Published
2025-01-11T13:15:22Z
Modified
2025-08-09T19:01:28Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

net/smc: check smcdv2ext_offset when receiving proposal msg

When receiving proposal msg in server, the field smcdv2extoffset in proposal msg is from the remote client and can not be fully trusted. Once the value of smcdv2extoffset exceed the max value, there has the chance to access wrong address, and crash may happen.

This patch checks the value of smcdv2ext_offset before using it.

References

Affected packages