#VU96871 Buffer overflow in Linux kernel - CVE-2024-44966

Vulnerability identifier: #VU96871

Vulnerability risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-44966

CWE-ID: CWE-119

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the DATA_START_OFFSET_WORDS() and load_flat_binary() functions in fs/binfmt_flat.c. A local user can escalate privileges on the system.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Linux kernel: All versions

---

External links
https://git.kernel.org/stable/c/3a684499261d0f7ed5ee72793025c88c2276809c
https://git.kernel.org/stable/c/af65d5383854cc3f172a7d0843b628758bf462c8
https://git.kernel.org/stable/c/49df34d2b7da9e57c839555a2f7877291ce45ad1
https://git.kernel.org/stable/c/9350ba06ee61db392c486716ac68ecc20e030f7c
https://git.kernel.org/stable/c/3eb3cd5992f7a0c37edc8d05b4c38c98758d8671

---

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.