DEBIAN-CVE-2024-46684

See a problem?
Please try reporting it to the source first.

Source

https://security-tracker.debian.org/tracker/CVE-2024-46684

Import Source

https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2024-46684.json

JSON Data

https://api.osv.dev/v1/vulns/DEBIAN-CVE-2024-46684

Upstream

CVE-2024-46684

Published

2024-09-13T06:15:13Z

Modified

2025-09-30T03:54:25Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved: binfmtelffdpic: fix AUXV size calculation when ELFHWCAP2 is defined createelffdpictables() does not correctly account the space for the AUX vector when an architecture has ELFHWCAP2 defined. Prior to the commit 10e29251be0e ("binfmtelffdpic: fix /proc/<pid>/auxv") it resulted in the last entry of the AUX vector being set to zero, but with that change it results in a kernel BUG. Fix that by adding one to the number of AUXV entries (nitems) when ELFHWCAP2 is defined.

References

https://security-tracker.debian.org/tracker/CVE-2024-46684

Affected packages

Debian:13 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.10.9-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:14 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.10.9-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}