CVE-2024-36288

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-36288

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-36288.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-36288

Downstream

DEBIAN-CVE-2024-36288

DLA-3840-1

DSA-5730-1

SUSE-SU-2024:2892-1

SUSE-SU-2024:2894-1

SUSE-SU-2024:2901-1

SUSE-SU-2024:2939-1

SUSE-SU-2024:2940-1

SUSE-SU-2024:2947-1

SUSE-SU-2024:3194-1

SUSE-SU-2024:3195-1

SUSE-SU-2024:3383-1

UBUNTU-CVE-2024-36288

USN-6999-1

USN-6999-2

USN-7004-1

USN-7005-1

USN-7005-2

USN-7008-1

USN-7029-1

Related

Published

2024-06-21T11:18:46Z

Modified

2025-10-09T11:24:41.343247Z

Summary

SUNRPC: Fix loop termination condition in gss_free_in_token_pages()

Details

In the Linux kernel, the following vulnerability has been resolved:

SUNRPC: Fix loop termination condition in gssfreeintokenpages()

The in_token->pages[] array is not NULL terminated. This results in the following KASAN splat:

KASAN: maybe wild-memory-access in range [0x04a2013400000008-0x04a201340000000f]

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

ab8466d4e26806a4ae82c282762c4545eecf45ef

Fixed

57ff6c0a175930856213b2aa39f8c845a53e5b1c

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

4420b73c7f26fd5fcb37bbce5313dd356ef1b3ca

Fixed

6ed45d20d30005bed94c8c527ce51d5ad8121018

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

f148a95f68c66c1b097391b68e153d5a46f0e780

Fixed

4cefcd0af7458bdeff56a9d8dfc6868ce23d128a

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

fe0b474974fee7af1df286e0edd5a1460c811865

Fixed

b4878ea99f2b40ef1925720b1b4ca7f4af1ba785

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

c1d8c429e4d2ce85ec5c92cf71cb419baf75c56f

Fixed

af628d43a822b78ad8d4a58d8259f8bf8bc71115

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

8ca148915670a2921afcc255af9e1dc80f37b052

Fixed

0a1cb0c6102bb4fd310243588d39461da49497ad

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

bafa6b4d95d97877baa61883ff90f7e374427fae

Fixed

4a77c3dead97339478c7422eb07bf4bf63577008

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

a3c1afd5d7ad59e34a275d80c428952f83c8c1f0

Affected versions

v6.*

v6.8.12

v6.9.3

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

6.9.3

Fixed

6.9.4