Description

In the Linux kernel, the following vulnerability has been resolved: ima: fix buffer overrun in ima_eventdigest_init_common Function ima_eventdigest_init() calls ima_eventdigest_init_common() with HASH_ALGO__LAST which is then used to access the array hash_digest_size[] leading to buffer overrun. Have a conditional statement to handle this.

INFO

Published Date :

2024-12-02T13:44:39.117Z

Last Modified :

2025-11-03T22:29:18.493Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-53106 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-53106.

URL Resource
https://git.kernel.org/stable/c/1ecf0df5205cfb0907eb7984b8671257965a5232 cve-icon cve-icon
https://git.kernel.org/stable/c/8a84765c62cc0469864e2faee43aae253ad16082 cve-icon cve-icon
https://git.kernel.org/stable/c/923168a0631bc42fffd55087b337b1b6c54dcff5 cve-icon cve-icon
https://git.kernel.org/stable/c/e01aae58e818503f2ffcd34c6f7dc6f90af1057e cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html cve-icon
https://lore.kernel.org/linux-cve-announce/2024120246-CVE-2024-53106-8432@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-53106 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-53106 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact