Description

A flaw was found in Fedora 41's glibc implementation of getrandom() for ppc64le. This issue occurs due to an implementation error for a vDSO indirect function call and the way the return of success and possible error codes are signaled on this platform. As a result, getrandom() fails to produce randomness or may end up causing an out-of-bounds write. As the attacker has no full control over where the out-of-bounds write may happen, the most likely result is smaller data corruption or a Denial-of-Service of the affected application. This issue is specific for glibc-2.40-12.fc41 as shipped with Fedora 41 only.

INFO

Published Date :

Last Modified :

Source :

AFFECTED PRODUCTS

The following products are affected by CVE-2024-12455 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-12455.

URL Resource
https://nvd.nist.gov/vuln/detail/CVE-2024-12455 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-12455 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact