{"dataType":"CVE_RECORD","cveMetadata":{"cveId":"CVE-2024-27401","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-02-25T13:47:42.681Z","datePublished":"2024-05-13T10:29:53.862Z","dateUpdated":"2026-05-11T20:10:18.628Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T20:10:18.628Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nfirewire: nosy: ensure user_length is taken into account when fetching packet contents\n\nEnsure that packet_buffer_get respects the user_length provided. If\nthe length of the head packet exceeds the user_length, packet_buffer_get\nwill now return 0 to signify to the user that no data were read\nand a larger buffer size is required. Helps prevent user space overflows."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/firewire/nosy.c"],"versions":[{"version":"286468210d83ce0ca1e37e346ed9f4457a161650","lessThan":"67f34f093c0f7bf33f5b4ae64d3d695a3b978285","status":"affected","versionType":"git"},{"version":"286468210d83ce0ca1e37e346ed9f4457a161650","lessThan":"7b8c7bd2296e95b38a6ff346242356a2e7190239","status":"affected","versionType":"git"},{"version":"286468210d83ce0ca1e37e346ed9f4457a161650","lessThan":"cca330c59c54207567a648357835f59df9a286bb","status":"affected","versionType":"git"},{"version":"286468210d83ce0ca1e37e346ed9f4457a161650","lessThan":"79f988d3ffc1aa778fc5181bdfab312e57956c6b","status":"affected","versionType":"git"},{"version":"286468210d83ce0ca1e37e346ed9f4457a161650","lessThan":"4ee0941da10e8fdcdb34756b877efd3282594c1f","status":"affected","versionType":"git"},{"version":"286468210d83ce0ca1e37e346ed9f4457a161650","lessThan":"1fe60ee709436550f8cfbab01295936b868d5baa","status":"affected","versionType":"git"},{"version":"286468210d83ce0ca1e37e346ed9f4457a161650","lessThan":"539d51ac48bcfcfa1b3d4a85f8df92fa22c1d41c","status":"affected","versionType":"git"},{"version":"286468210d83ce0ca1e37e346ed9f4457a161650","lessThan":"38762a0763c10c24a4915feee722d7aa6e73eb98","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/firewire/nosy.c"],"versions":[{"version":"2.6.36","status":"affected"},{"version":"0","lessThan":"2.6.36","status":"unaffected","versionType":"semver"},{"version":"4.19.314","lessThanOrEqual":"4.19.*","status":"unaffected","versionType":"semver"},{"version":"5.4.276","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.217","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.159","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.91","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.31","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.8.10","lessThanOrEqual":"6.8.*","status":"unaffected","versionType":"semver"},{"version":"6.9","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.36","versionEndExcluding":"4.19.314"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.36","versionEndExcluding":"5.4.276"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.36","versionEndExcluding":"5.10.217"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.36","versionEndExcluding":"5.15.159"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.36","versionEndExcluding":"6.1.91"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.36","versionEndExcluding":"6.6.31"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.36","versionEndExcluding":"6.8.10"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.36","versionEndExcluding":"6.9"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/67f34f093c0f7bf33f5b4ae64d3d695a3b978285"},{"url":"https://git.kernel.org/stable/c/7b8c7bd2296e95b38a6ff346242356a2e7190239"},{"url":"https://git.kernel.org/stable/c/cca330c59c54207567a648357835f59df9a286bb"},{"url":"https://git.kernel.org/stable/c/79f988d3ffc1aa778fc5181bdfab312e57956c6b"},{"url":"https://git.kernel.org/stable/c/4ee0941da10e8fdcdb34756b877efd3282594c1f"},{"url":"https://git.kernel.org/stable/c/1fe60ee709436550f8cfbab01295936b868d5baa"},{"url":"https://git.kernel.org/stable/c/539d51ac48bcfcfa1b3d4a85f8df92fa22c1d41c"},{"url":"https://git.kernel.org/stable/c/38762a0763c10c24a4915feee722d7aa6e73eb98"}],"title":"firewire: nosy: ensure user_length is taken into account when fetching packet contents","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"id":"CVE-2024-27401","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"version":"2.0.3","timestamp":"2024-05-13T17:55:43.034157Z"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-07-05T17:21:00.939Z"}},{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T00:34:52.126Z"},"title":"CVE Program Container","references":[{"url":"https://git.kernel.org/stable/c/67f34f093c0f7bf33f5b4ae64d3d695a3b978285","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/7b8c7bd2296e95b38a6ff346242356a2e7190239","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/cca330c59c54207567a648357835f59df9a286bb","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/79f988d3ffc1aa778fc5181bdfab312e57956c6b","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/4ee0941da10e8fdcdb34756b877efd3282594c1f","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/1fe60ee709436550f8cfbab01295936b868d5baa","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/539d51ac48bcfcfa1b3d4a85f8df92fa22c1d41c","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/38762a0763c10c24a4915feee722d7aa6e73eb98","tags":["x_transferred"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OTB4HWU2PTVW5NEYHHLOCXDKG3PYA534/","tags":["x_transferred"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DW2MIOIMOFUSNLHLRYX23AFR36BMKD65/","tags":["x_transferred"]},{"url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html","tags":["x_transferred"]},{"url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00019.html","tags":["x_transferred"]}]}]},"dataVersion":"5.2"}