CVE-2024-50074
- Source
- https://cve.org/CVERecord?id=CVE-2024-50074
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-50074.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-50074
- Downstream
- Related
- Published
- 2024-10-29T00:50:16.263Z
- Modified
- 2026-03-11T07:50:08.325955Z
- Summary
- parport: Proper fix for array out-of-bounds access
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
parport: Proper fix for array out-of-bounds access
The recent fix for array out-of-bounds accesses replaced sprintf() calls blindly with snprintf(). However, since snprintf() returns the would-be-printed size, not the actually output size, the length calculation can still go over the given limit.
Use scnprintf() instead of snprintf(), which returns the actually output letters, for addressing the potential out-of-bounds access properly.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/50xxx/CVE-2024-50074.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/02ac3a9ef3a18b58d8f3ea2b6e46de657bf6c4f9
- https://git.kernel.org/stable/c/1826b6d69bbb7f9ae8711827facbb2ad7f8d0aaa
- https://git.kernel.org/stable/c/2a8b26a09c8e3ea03da1ef3cd0ef6b96e559fba6
- https://git.kernel.org/stable/c/440311903231c6e6c9bcf8acb6a2885a422e00bc
- https://git.kernel.org/stable/c/66029078fee00646e2e9dbb8f41ff7819f8e7569
- https://git.kernel.org/stable/c/8aadef73ba3b325704ed5cfc4696a25c350182cf
- https://git.kernel.org/stable/c/b0641e53e6cb937487b6cfb15772374f0ba149b3
- https://git.kernel.org/stable/c/fca048f222ce9dcbde5708ba2bf81d85a4a27952
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/50xxx/CVE-2024-50074.json
- https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
- https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html
- https://nvd.nist.gov/vuln/detail/CVE-2024-50074
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced166a0bddcc27de41fe13f861c8348e8e53e988c8Fixed8aadef73ba3b325704ed5cfc4696a25c350182cf
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced47b3dce100778001cd76f7e9188944b5cb27a76dFixedb0641e53e6cb937487b6cfb15772374f0ba149b3
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduceda44f88f7576bc1916d8d6293f5c62fbe7cbe03e0Fixed1826b6d69bbb7f9ae8711827facbb2ad7f8d0aaa
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedc719b393374d3763e64900ee19aaed767d5a08d6Fixed440311903231c6e6c9bcf8acb6a2885a422e00bc
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced7f4da759092a1a6ce35fb085182d02de8cc4cc84Fixedfca048f222ce9dcbde5708ba2bf81d85a4a27952
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedb579ea3516c371ecf59d073772bc45dfd28c8a0eFixed66029078fee00646e2e9dbb8f41ff7819f8e7569
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedab11dac93d2d568d151b1918d7b84c2d02bacbd5Fixed2a8b26a09c8e3ea03da1ef3cd0ef6b96e559fba6Fixed02ac3a9ef3a18b58d8f3ea2b6e46de657bf6c4f9
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected7789a1d6792af410aa9b39a1eb237ed24fa2170a