CVE-2024-38579

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-38579
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-38579.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-38579
Downstream
Related
Published
2024-06-19T14:15:17Z
Modified
2025-08-09T20:01:27Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

crypto: bcm - Fix pointer arithmetic

In spu2dumpomd() value of ptr is increased by ciphkeylen instead of hashivlen which could lead to going beyond the buffer boundaries. Fix this bug by changing ciphkeylen to hashivlen.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

References

Affected packages