{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-58010", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-02-27T02:10:48.227Z", "datePublished": "2025-02-27T02:12:05.165Z", "dateUpdated": "2025-03-24T15:37:54.680Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-03-24T15:37:54.680Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbinfmt_flat: Fix integer overflow bug on 32 bit systems\n\nMost of these sizes and counts are capped at 256MB so the math doesn't\nresult in an integer overflow. The \"relocs\" count needs to be checked\nas well. Otherwise on 32bit systems the calculation of \"full_data\"\ncould be wrong.\n\n\tfull_data = data_len + relocs * sizeof(unsigned long);"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/binfmt_flat.c"], "versions": [{"version": "c995ee28d29d6f256c3a8a6c4e66469554374f25", "lessThan": "0b6be54d7386b7addbf9e5947366f94aad046938", "status": "affected", "versionType": "git"}, {"version": "c995ee28d29d6f256c3a8a6c4e66469554374f25", "lessThan": "6fb98e0576ea155267e206286413dcb3a3d55c12", "status": "affected", "versionType": "git"}, {"version": "c995ee28d29d6f256c3a8a6c4e66469554374f25", "lessThan": "bc8ca18b8ef4648532c001bd6c8151143b569275", "status": "affected", "versionType": "git"}, {"version": "c995ee28d29d6f256c3a8a6c4e66469554374f25", "lessThan": "95506c7f33452450346fbe2975c1359100f854ca", "status": "affected", "versionType": "git"}, {"version": "c995ee28d29d6f256c3a8a6c4e66469554374f25", "lessThan": "d17ca8f2dfcf423c439859995910a20e38b86f00", "status": "affected", "versionType": "git"}, {"version": "c995ee28d29d6f256c3a8a6c4e66469554374f25", "lessThan": "a009378af674b808efcca1e2e67916e79ce866b3", "status": "affected", "versionType": "git"}, {"version": "c995ee28d29d6f256c3a8a6c4e66469554374f25", "lessThan": "8e8cd712bb06a507b26efd2a56155076aa454345", "status": "affected", "versionType": "git"}, {"version": "c995ee28d29d6f256c3a8a6c4e66469554374f25", "lessThan": "55cf2f4b945f6a6416cc2524ba740b83cc9af25a", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/binfmt_flat.c"], "versions": [{"version": "4.8", "status": "affected"}, {"version": "0", "lessThan": "4.8", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.291", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.235", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.179", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.129", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.78", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.14", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.13.3", "lessThanOrEqual": "6.13.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.14", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/0b6be54d7386b7addbf9e5947366f94aad046938"}, {"url": "https://git.kernel.org/stable/c/6fb98e0576ea155267e206286413dcb3a3d55c12"}, {"url": "https://git.kernel.org/stable/c/bc8ca18b8ef4648532c001bd6c8151143b569275"}, {"url": "https://git.kernel.org/stable/c/95506c7f33452450346fbe2975c1359100f854ca"}, {"url": "https://git.kernel.org/stable/c/d17ca8f2dfcf423c439859995910a20e38b86f00"}, {"url": "https://git.kernel.org/stable/c/a009378af674b808efcca1e2e67916e79ce866b3"}, {"url": "https://git.kernel.org/stable/c/8e8cd712bb06a507b26efd2a56155076aa454345"}, {"url": "https://git.kernel.org/stable/c/55cf2f4b945f6a6416cc2524ba740b83cc9af25a"}], "title": "binfmt_flat: Fix integer overflow bug on 32 bit systems", "x_generator": {"engine": "bippy-5f407fcff5a0"}}}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "CD7077AC-7BD1-4A82-9E6F-7C2C54EDCF40", "versionEndExcluding": "6.1.129", "versionStartIncluding": "4.8", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "0C58261F-EDFB-4A12-8CCD-F12101482030", "versionEndExcluding": "6.6.78", "versionStartIncluding": "6.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "033BB7EE-C9A2-45EA-BAC9-87BB9D951BCD", "versionEndExcluding": "6.12.14", "versionStartIncluding": "6.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "0E92CEE3-1FC3-4AFC-A513-DEDBA7414F00", "versionEndExcluding": "6.13.3", "versionStartIncluding": "6.13", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbinfmt_flat: Fix integer overflow bug on 32 bit systems\n\nMost of these sizes and counts are capped at 256MB so the math doesn't\nresult in an integer overflow. The \"relocs\" count needs to be checked\nas well. Otherwise on 32bit systems the calculation of \"full_data\"\ncould be wrong.\n\n\tfull_data = data_len + relocs * sizeof(unsigned long);"}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: binfmt_flat: soluciona un error de desbordamiento de enteros en sistemas de 32 bits La mayor\u00eda de estos tama\u00f1os y recuentos est\u00e1n limitados a 256 MB, por lo que el c\u00e1lculo no da como resultado un desbordamiento de enteros. Tambi\u00e9n es necesario comprobar el recuento de \"relocs\". De lo contrario, en sistemas de 32 bits, el c\u00e1lculo de \"full_data\" podr\u00eda ser incorrecto. full_data = data_len + relocs * sizeof(unsigned long);"}], "id": "CVE-2024-58010", "lastModified": "2025-03-13T13:15:44.120", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2025-02-27T03:15:11.980", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/0b6be54d7386b7addbf9e5947366f94aad046938"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/55cf2f4b945f6a6416cc2524ba740b83cc9af25a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/6fb98e0576ea155267e206286413dcb3a3d55c12"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/8e8cd712bb06a507b26efd2a56155076aa454345"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/95506c7f33452450346fbe2975c1359100f854ca"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/a009378af674b808efcca1e2e67916e79ce866b3"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/bc8ca18b8ef4648532c001bd6c8151143b569275"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/d17ca8f2dfcf423c439859995910a20e38b86f00"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-190"}], "source": "nvd@nist.gov", "type": "Secondary"}]}

{"bugzilla": {"description": "kernel: binfmt_flat: Fix integer overflow bug on 32 bit systems", "id": "2348558", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348558"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-190", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nbinfmt_flat: Fix integer overflow bug on 32 bit systems\nMost of these sizes and counts are capped at 256MB so the math doesn't\nresult in an integer overflow. The \"relocs\" count needs to be checked\nas well. Otherwise on 32bit systems the calculation of \"full_data\"\ncould be wrong.\nfull_data = data_len + relocs * sizeof(unsigned long);"], "name": "CVE-2024-58010", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-02-27T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-58010\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-58010\nhttps://lore.kernel.org/linux-cve-announce/2025022656-CVE-2024-58010-39bc@gregkh/T"], "threat_severity": "Moderate"}