CVE-2024-46823

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-46823

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-46823.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-46823

Downstream

BELL-CVE-2024-46823

DEBIAN-CVE-2024-46823

DLA-4193-1

DSA-5907-1

UBUNTU-CVE-2024-46823

USN-7154-1

USN-7154-2

USN-7155-1

USN-7156-1

USN-7196-1

Published

2024-09-27T13:15:14Z

Modified

2025-08-09T20:01:26Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

kunit/overflow: Fix UB in overflowallocationtest

The 'devicename' array doesn't exist out of the 'overflowallocationtest' function scope. However, it is being used as a driver name when calling 'kunitdrivercreate' from 'kunitdevice_register'. It produces the kernel panic with KASAN enabled.

Since this variable is used in one place only, remove it and pass the device name into kunitdeviceregister directly as an ascii string.

References

Affected packages