← Back to CVE List

CVE-2024-42130

Published: 2024-07-30T08:15Z
Last Modified: 2024-11-21T09:33Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
In the Linux kernel, the following vulnerability has been resolved: nfc/nci: Add the inconsistency check between the input data length and count write$nci(r0, &(0x7f0000000740)=ANY=[@ANYBLOB="610501"], 0xf) Syzbot constructed a write() call with a data length of 3 bytes but a count value of 15, which passed too little data to meet the basic requirements of the function nci_rf_intf_activated_ntf_packet(). Therefore, increasing the comparison between data length and count value to avoid problems caused by inconsistent data length and count. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt