CVE-2024-50248

ntfs3: Add bounds checking to mi_enum_attr()

Description

In the Linux kernel, the following vulnerability has been resolved: ntfs3: Add bounds checking to mi_enum_attr() Added bounds checking to make sure that every attr don't stray beyond valid memory region.

Category

5.5
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.03%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/386613a44b858304a88529ade2ccc1e079a5fc56
https://git.kernel.org/stable/c/22cdf3be7d34f61a91b9e2966fec3a29f3871398 patch
https://git.kernel.org/stable/c/809f9b419c75f8042c58434d2bfe849140643e9d patch
https://git.kernel.org/stable/c/556bdf27c2dd5c74a9caacbe524b943a6cd42d99 patch

Frequently Asked Questions

What is the severity of CVE-2024-50248?
CVE-2024-50248 has been scored as a medium severity vulnerability.
How to fix CVE-2024-50248?
To fix CVE-2024-50248, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-50248 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2024-50248 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-50248?
CVE-2024-50248 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.