CVE-2024-57850

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-57850
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-57850.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-57850
Downstream
Related
Published
2025-01-11T15:15:07Z
Modified
2025-08-09T19:01:27Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

jffs2: Prevent rtime decompress memory corruption

The rtime decompression routine does not fully check bounds during the entirety of the decompression pass and can corrupt memory outside the decompression buffer if the compressed data is corrupted. This adds the required check to prevent this failure mode.

References

Affected packages