CVE-2024-50080

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-50080
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-50080.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-50080
Downstream
Related
Published
2024-10-29T01:15:05Z
Modified
2025-08-09T20:01:26Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

ublk: don't allow user copy for unprivileged device

UBLKFUSER_COPY requires userspace to call write() on ublk char device for filling request buffer, and unprivileged device can't be trusted.

So don't allow user copy for unprivileged device.

References

Affected packages