CVE-2024-41016

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-41016

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-41016.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-41016

Downstream

BELL-CVE-2024-41016

DEBIAN-CVE-2024-41016

DLA-4008-1

DLA-4075-1

DSA-5782-1

OESA-2024-2106

OESA-2024-2107

OESA-2024-2108

OESA-2024-2124

SUSE-SU-2024:2892-1

SUSE-SU-2024:2894-1

SUSE-SU-2024:2901-1

SUSE-SU-2024:2939-1

SUSE-SU-2024:2940-1

SUSE-SU-2024:2947-1

SUSE-SU-2024:3189-1

SUSE-SU-2024:3190-1

SUSE-SU-2024:3194-1

SUSE-SU-2024:3195-1

SUSE-SU-2024:3209-1

SUSE-SU-2024:3251-1

SUSE-SU-2024:3252-1

SUSE-SU-2024:3383-1

SUSE-SU-2024:3483-1

SUSE-SU-2024:3984-1

SUSE-SU-2024:3986-1

SUSE-SU-2024:4100-1

SUSE-SU-2024:4315-1

SUSE-SU-2024:4318-1

SUSE-SU-2024:4364-1

SUSE-SU-2024:4376-1

SUSE-SU-2024:4387-1

SUSE-SU-2025:0034-1

Related

Published

2024-07-29T07:15:06Z

Modified

2025-08-09T20:01:27Z

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

ocfs2: strict bound check before memcmp in ocfs2xattrfind_entry()

xattr in ocfs2 maybe 'non-indexed', which saved with additional space requested. It's better to check if the memory is out of bound before memcmp, although this possibility mainly comes from crafted poisonous images.

References

Affected packages