{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-41028", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-07-12T12:17:45.617Z", "datePublished": "2024-07-29T14:31:44.704Z", "dateUpdated": "2024-12-19T09:10:22.459Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-12-19T09:10:22.459Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: toshiba_acpi: Fix array out-of-bounds access\n\nIn order to use toshiba_dmi_quirks[] together with the standard DMI\nmatching functions, it must be terminated by a empty entry.\n\nSince this entry is missing, an array out-of-bounds access occurs\nevery time the quirk list is processed.\n\nFix this by adding the terminating empty entry."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/platform/x86/toshiba_acpi.c"], "versions": [{"version": "3cb1f40dfdc3b9f5449076c96b4e2523139f5cd0", "lessThan": "e030aa6c972641cb069086a8c7a0f747653e472a", "status": "affected", "versionType": "git"}, {"version": "3cb1f40dfdc3b9f5449076c96b4e2523139f5cd0", "lessThan": "639868f1cb87b683cf830353bbee0c4078202313", "status": "affected", "versionType": "git"}, {"version": "3cb1f40dfdc3b9f5449076c96b4e2523139f5cd0", "lessThan": "0d71da43d6b7916d36cf1953d793da80433c50bf", "status": "affected", "versionType": "git"}, {"version": "3cb1f40dfdc3b9f5449076c96b4e2523139f5cd0", "lessThan": "b6e02c6b0377d4339986e07aeb696c632cd392aa", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/platform/x86/toshiba_acpi.c"], "versions": [{"version": "6.1", "status": "affected"}, {"version": "0", "lessThan": "6.1", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.100", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.41", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.9.10", "lessThanOrEqual": "6.9.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.10", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/e030aa6c972641cb069086a8c7a0f747653e472a"}, {"url": "https://git.kernel.org/stable/c/639868f1cb87b683cf830353bbee0c4078202313"}, {"url": "https://git.kernel.org/stable/c/0d71da43d6b7916d36cf1953d793da80433c50bf"}, {"url": "https://git.kernel.org/stable/c/b6e02c6b0377d4339986e07aeb696c632cd392aa"}], "title": "platform/x86: toshiba_acpi: Fix array out-of-bounds access", "x_generator": {"engine": "bippy-5f407fcff5a0"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:39:56.186Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/e030aa6c972641cb069086a8c7a0f747653e472a", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/639868f1cb87b683cf830353bbee0c4078202313", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/0d71da43d6b7916d36cf1953d793da80433c50bf", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b6e02c6b0377d4339986e07aeb696c632cd392aa", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-41028", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T16:24:02.601705Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:34:04.253Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/e030aa6c972641cb069086a8c7a0f747653e472a", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/639868f1cb87b683cf830353bbee0c4078202313", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/0d71da43d6b7916d36cf1953d793da80433c50bf", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b6e02c6b0377d4339986e07aeb696c632cd392aa", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:39:56.186Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-41028", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T16:24:02.601705Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:20.478Z"}}], "cna": {"title": "platform/x86: toshiba_acpi: Fix array out-of-bounds access", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "3cb1f40dfdc3", "lessThan": "e030aa6c9726", "versionType": "git"}, {"status": "affected", "version": "3cb1f40dfdc3", "lessThan": "639868f1cb87", "versionType": "git"}, {"status": "affected", "version": "3cb1f40dfdc3", "lessThan": "0d71da43d6b7", "versionType": "git"}, {"status": "affected", "version": "3cb1f40dfdc3", "lessThan": "b6e02c6b0377", "versionType": "git"}], "programFiles": ["drivers/platform/x86/toshiba_acpi.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "6.1"}, {"status": "unaffected", "version": "0", "lessThan": "6.1", "versionType": "semver"}, {"status": "unaffected", "version": "6.1.100", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.41", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.9.10", "versionType": "semver", "lessThanOrEqual": "6.9.*"}, {"status": "unaffected", "version": "6.10", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/platform/x86/toshiba_acpi.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/e030aa6c972641cb069086a8c7a0f747653e472a"}, {"url": "https://git.kernel.org/stable/c/639868f1cb87b683cf830353bbee0c4078202313"}, {"url": "https://git.kernel.org/stable/c/0d71da43d6b7916d36cf1953d793da80433c50bf"}, {"url": "https://git.kernel.org/stable/c/b6e02c6b0377d4339986e07aeb696c632cd392aa"}], "x_generator": {"engine": "bippy-9e1c9544281a"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: toshiba_acpi: Fix array out-of-bounds access\n\nIn order to use toshiba_dmi_quirks[] together with the standard DMI\nmatching functions, it must be terminated by a empty entry.\n\nSince this entry is missing, an array out-of-bounds access occurs\nevery time the quirk list is processed.\n\nFix this by adding the terminating empty entry."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-05T09:35:16.520Z"}}}, "cveMetadata": {"cveId": "CVE-2024-41028", "state": "PUBLISHED", "dateUpdated": "2024-11-05T09:35:16.520Z", "dateReserved": "2024-07-12T12:17:45.617Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-07-29T14:31:44.704Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "11AA9FD7-8CF6-4561-A31F-2BD173451E8A", "versionEndExcluding": "6.1.100", "versionStartIncluding": "6.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "96AC42B8-D66D-4AC5-B466-E9BA7910FA29", "versionEndExcluding": "6.6.41", "versionStartIncluding": "6.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "AB2E8DEC-CFD5-4C2B-981D-E7E45A36C352", "versionEndExcluding": "6.9.10", "versionStartIncluding": "6.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc1:*:*:*:*:*:*", "matchCriteriaId": "2EBB4392-5FA6-4DA9-9772-8F9C750109FA", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc2:*:*:*:*:*:*", "matchCriteriaId": "331C2F14-12C7-45D5-893D-8C52EE38EA10", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc3:*:*:*:*:*:*", "matchCriteriaId": "3173713D-909A-4DD3-9DD4-1E171EB057EE", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc4:*:*:*:*:*:*", "matchCriteriaId": "79F18AFA-40F7-43F0-BA30-7BDB65F918B9", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc5:*:*:*:*:*:*", "matchCriteriaId": "BD973AA4-A789-49BD-8D57-B2846935D3C7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc6:*:*:*:*:*:*", "matchCriteriaId": "8F3E9E0C-AC3E-4967-AF80-6483E8AB0078", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc7:*:*:*:*:*:*", "matchCriteriaId": "11AF4CB9-F697-4EA4-8903-8F9417EFDA8E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: toshiba_acpi: Fix array out-of-bounds access\n\nIn order to use toshiba_dmi_quirks[] together with the standard DMI\nmatching functions, it must be terminated by a empty entry.\n\nSince this entry is missing, an array out-of-bounds access occurs\nevery time the quirk list is processed.\n\nFix this by adding the terminating empty entry."}, {"lang": "es", "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: plataforma/x86: toshiba_acpi: corrige el acceso fuera de los l\u00edmites de la matriz. Para utilizar toshiba_dmi_quirks[] junto con las funciones est\u00e1ndar de coincidencia DMI, debe terminar con una entrada vac\u00eda. Dado que falta esta entrada, se produce un acceso fuera de los l\u00edmites a la matriz cada vez que se procesa la lista de peculiaridades. Solucione este problema agregando la entrada vac\u00eda final."}], "id": "CVE-2024-41028", "lastModified": "2025-03-06T12:53:17.520", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-07-29T15:15:11.553", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/0d71da43d6b7916d36cf1953d793da80433c50bf"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/639868f1cb87b683cf830353bbee0c4078202313"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/b6e02c6b0377d4339986e07aeb696c632cd392aa"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e030aa6c972641cb069086a8c7a0f747653e472a"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/0d71da43d6b7916d36cf1953d793da80433c50bf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/639868f1cb87b683cf830353bbee0c4078202313"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/b6e02c6b0377d4339986e07aeb696c632cd392aa"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e030aa6c972641cb069086a8c7a0f747653e472a"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-129"}], "source": "nvd@nist.gov", "type": "Secondary"}]}

{"bugzilla": {"description": "kernel: platform/x86: toshiba_acpi: Fix array out-of-bounds access", "id": "2300386", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300386"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.4", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-125", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nplatform/x86: toshiba_acpi: Fix array out-of-bounds access\nIn order to use toshiba_dmi_quirks[] together with the standard DMI\nmatching functions, it must be terminated by a empty entry.\nSince this entry is missing, an array out-of-bounds access occurs\nevery time the quirk list is processed.\nFix this by adding the terminating empty entry."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-41028", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-07-29T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-41028\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-41028\nhttps://lore.kernel.org/linux-cve-announce/2024072920-CVE-2024-41028-d1bd@gregkh/T"], "threat_severity": "Low"}