CVE-2024-54456

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-54456
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-54456.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-54456
Downstream
Related
Published
2025-02-27T02:18:08.143Z
Modified
2026-03-12T15:33:37.731031Z
Summary
NFS: Fix potential buffer overflowin nfs_sysfs_link_rpc_client()
Details

In the Linux kernel, the following vulnerability has been resolved:

NFS: Fix potential buffer overflowin nfssysfslinkrpcclient()

name is char[64] where the size of clnt->cl_program->name remains unknown. Invoking strcat() directly will also lead to potential buffer overflow. Change them to strscpy() and strncat() to fix potential issues.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/54xxx/CVE-2024-54456.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
e13b549319a684dd80c4cc25e9567a5c84007e32
Fixed
19b3ca651b4b473878c73539febe477905041442
Fixed
dd8830779b77f4d1206d28d02ad56a03fc0e78f7
Fixed
e8e0eb5601d4a6c74c336e3710afe3a0348c469d
Fixed
49fd4e34751e90e6df009b70cd0659dc839e7ca8

Affected versions

v6.*
v6.10
v6.10-rc1
v6.10-rc2
v6.10-rc3
v6.10-rc4
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.11
v6.11-rc1
v6.11-rc2
v6.11-rc3
v6.11-rc4
v6.11-rc5
v6.11-rc6
v6.11-rc7
v6.12
v6.12-rc1
v6.12-rc2
v6.12-rc3
v6.12-rc4
v6.12-rc5
v6.12-rc6
v6.12-rc7
v6.12.1
v6.12.10
v6.12.11
v6.12.12
v6.12.13
v6.12.14
v6.12.15
v6.12.2
v6.12.3
v6.12.4
v6.12.5
v6.12.6
v6.12.7
v6.12.8
v6.12.9
v6.13
v6.13-rc1
v6.13-rc2
v6.13-rc3
v6.13-rc4
v6.13-rc5
v6.13-rc6
v6.13-rc7
v6.13.1
v6.13.2
v6.13.3
v6.4
v6.5
v6.5-rc1
v6.5-rc2
v6.5-rc3
v6.5-rc4
v6.5-rc5
v6.5-rc6
v6.5-rc7
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.6.1
v6.6.10
v6.6.11
v6.6.12
v6.6.13
v6.6.14
v6.6.15
v6.6.16
v6.6.17
v6.6.18
v6.6.19
v6.6.2
v6.6.20
v6.6.21
v6.6.22
v6.6.23
v6.6.24
v6.6.25
v6.6.26
v6.6.27
v6.6.28
v6.6.29
v6.6.3
v6.6.30
v6.6.31
v6.6.32
v6.6.33
v6.6.34
v6.6.35
v6.6.36
v6.6.37
v6.6.38
v6.6.39
v6.6.4
v6.6.40
v6.6.41
v6.6.42
v6.6.43
v6.6.44
v6.6.45
v6.6.46
v6.6.47
v6.6.48
v6.6.49
v6.6.5
v6.6.50
v6.6.51
v6.6.52
v6.6.53
v6.6.54
v6.6.55
v6.6.56
v6.6.57
v6.6.58
v6.6.59
v6.6.6
v6.6.60
v6.6.61
v6.6.62
v6.6.63
v6.6.64
v6.6.65
v6.6.66
v6.6.67
v6.6.68
v6.6.69
v6.6.7
v6.6.70
v6.6.71
v6.6.72
v6.6.73
v6.6.74
v6.6.75
v6.6.76
v6.6.77
v6.6.78
v6.6.8
v6.6.9
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7

Database specific

vanir_signatures 
[
    {
        "digest": {
            "length": 407.0,
            "function_hash": "277963309032696413289506489360141782015"
        },
        "signature_version": "v1",
        "deprecated": false,
        "signature_type": "Function",
        "id": "CVE-2024-54456-916cc8a7",
        "target": {
            "function": "nfs_sysfs_link_rpc_client",
            "file": "fs/nfs/sysfs.c"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e8e0eb5601d4a6c74c336e3710afe3a0348c469d"
    },
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "150810446637451827191901109846504612284",
                "130350454903567984440283625052468093899",
                "68395454594408567472129573223160052734",
                "13164673608563102393539142079239317214",
                "21228245208934234354781415570397020098",
                "275264448885811976370390428751963963229"
            ]
        },
        "signature_version": "v1",
        "deprecated": false,
        "signature_type": "Line",
        "id": "CVE-2024-54456-d4f76360",
        "target": {
            "file": "fs/nfs/sysfs.c"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e8e0eb5601d4a6c74c336e3710afe3a0348c469d"
    }
]
source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-54456.json"