CVE-2024-41017

5.5 MEDIUM
Published: July 29, 2024 Modified: November 03, 2025
View on NVD

Description

In the Linux kernel, the following vulnerability has been resolved: jfs: don't walk off the end of ealist Add a check before visiting the members of ea to make sure each ea stays within the ealist.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0
Vector String
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
https://git.kernel.org/stable/c/17440dbc66ab98b410514b04987f61deedb86751
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/4e034f7e563ab723b93a59980e4a1bb33198ece8
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/6386f1b6a10e5d1ddd03db4ff6dfc55d488852ce
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/7e21574195a45fc193555fa40e99fed16565ff7e
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/7f91bd0f2941fa36449ce1a15faaa64f840d9746
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/d0fa70aca54c8643248e89061da23752506ec0d4
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/dbde7bc91093fa9c2410e418b236b70fde044b73
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/f4435f476b9bf059cd9e26a69f5b29c768d00375
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/fc16776a82e8df97b6c4f9a10ba95aa44cef7ba5
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/17440dbc66ab98b410514b04987f61deedb86751
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
https://git.kernel.org/stable/c/4e034f7e563ab723b93a59980e4a1bb33198ece8
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
https://git.kernel.org/stable/c/6386f1b6a10e5d1ddd03db4ff6dfc55d488852ce
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
https://git.kernel.org/stable/c/7e21574195a45fc193555fa40e99fed16565ff7e
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
https://git.kernel.org/stable/c/7f91bd0f2941fa36449ce1a15faaa64f840d9746
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
https://git.kernel.org/stable/c/d0fa70aca54c8643248e89061da23752506ec0d4
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
https://git.kernel.org/stable/c/dbde7bc91093fa9c2410e418b236b70fde044b73
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
https://git.kernel.org/stable/c/f4435f476b9bf059cd9e26a69f5b29c768d00375
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
https://git.kernel.org/stable/c/fc16776a82e8df97b6c4f9a10ba95aa44cef7ba5
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
Source: af854a3a-2127-422b-91ae-364da2661108

19 reference(s) from NVD

Quick Stats

CVSS v3 Score
5.5 / 10.0
EPSS (Exploit Probability)
0.0%
4th percentile
Exploitation Status
Not in CISA KEV

Affected Vendors

linux