{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2024-39480","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-06-25T14:23:23.746Z","datePublished":"2024-07-05T06:55:09.241Z","dateUpdated":"2026-01-05T10:36:46.174Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-01-05T10:36:46.174Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nkdb: Fix buffer overflow during tab-complete\n\nCurrently, when the user attempts symbol completion with the Tab key, kdb\nwill use strncpy() to insert the completed symbol into the command buffer.\nUnfortunately it passes the size of the source buffer rather than the\ndestination to strncpy() with predictably horrible results. Most obviously\nif the command buffer is already full but cp, the cursor position, is in\nthe middle of the buffer, then we will write past the end of the supplied\nbuffer.\n\nFix this by replacing the dubious strncpy() calls with memmove()/memcpy()\ncalls plus explicit boundary checks to make sure we have enough space\nbefore we start moving characters around."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["kernel/debug/kdb/kdb_io.c"],"versions":[{"version":"5d5314d6795f3c1c0f415348ff8c51f7de042b77","lessThan":"fb824a99e148ff272a53d71d84122728b5f00992","status":"affected","versionType":"git"},{"version":"5d5314d6795f3c1c0f415348ff8c51f7de042b77","lessThan":"ddd2972d8e2dee3b33e8121669d55def59f0be8a","status":"affected","versionType":"git"},{"version":"5d5314d6795f3c1c0f415348ff8c51f7de042b77","lessThan":"cfdc2fa4db57503bc6d3817240547c8ddc55fa96","status":"affected","versionType":"git"},{"version":"5d5314d6795f3c1c0f415348ff8c51f7de042b77","lessThan":"f636a40834d22e5e3fc748f060211879c056cd33","status":"affected","versionType":"git"},{"version":"5d5314d6795f3c1c0f415348ff8c51f7de042b77","lessThan":"33d9c814652b971461d1e30bead6792851c209e7","status":"affected","versionType":"git"},{"version":"5d5314d6795f3c1c0f415348ff8c51f7de042b77","lessThan":"107e825cc448b7834b31e8b1b3cf0f57426d46d5","status":"affected","versionType":"git"},{"version":"5d5314d6795f3c1c0f415348ff8c51f7de042b77","lessThan":"f694da720dcf795dc3eb97bf76d220213f76aaa7","status":"affected","versionType":"git"},{"version":"5d5314d6795f3c1c0f415348ff8c51f7de042b77","lessThan":"e9730744bf3af04cda23799029342aa3cddbc454","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["kernel/debug/kdb/kdb_io.c"],"versions":[{"version":"2.6.35","status":"affected"},{"version":"0","lessThan":"2.6.35","status":"unaffected","versionType":"semver"},{"version":"4.19.316","lessThanOrEqual":"4.19.*","status":"unaffected","versionType":"semver"},{"version":"5.4.278","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.219","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.161","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.94","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.34","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.9.5","lessThanOrEqual":"6.9.*","status":"unaffected","versionType":"semver"},{"version":"6.10","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.35","versionEndExcluding":"4.19.316"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.35","versionEndExcluding":"5.4.278"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.35","versionEndExcluding":"5.10.219"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.35","versionEndExcluding":"5.15.161"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.35","versionEndExcluding":"6.1.94"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.35","versionEndExcluding":"6.6.34"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.35","versionEndExcluding":"6.9.5"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.35","versionEndExcluding":"6.10"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/fb824a99e148ff272a53d71d84122728b5f00992"},{"url":"https://git.kernel.org/stable/c/ddd2972d8e2dee3b33e8121669d55def59f0be8a"},{"url":"https://git.kernel.org/stable/c/cfdc2fa4db57503bc6d3817240547c8ddc55fa96"},{"url":"https://git.kernel.org/stable/c/f636a40834d22e5e3fc748f060211879c056cd33"},{"url":"https://git.kernel.org/stable/c/33d9c814652b971461d1e30bead6792851c209e7"},{"url":"https://git.kernel.org/stable/c/107e825cc448b7834b31e8b1b3cf0f57426d46d5"},{"url":"https://git.kernel.org/stable/c/f694da720dcf795dc3eb97bf76d220213f76aaa7"},{"url":"https://git.kernel.org/stable/c/e9730744bf3af04cda23799029342aa3cddbc454"}],"title":"kdb: Fix buffer overflow during tab-complete","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T04:26:15.655Z"},"title":"CVE Program Container","references":[{"url":"https://git.kernel.org/stable/c/fb824a99e148ff272a53d71d84122728b5f00992","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/ddd2972d8e2dee3b33e8121669d55def59f0be8a","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/cfdc2fa4db57503bc6d3817240547c8ddc55fa96","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/f636a40834d22e5e3fc748f060211879c056cd33","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/33d9c814652b971461d1e30bead6792851c209e7","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/107e825cc448b7834b31e8b1b3cf0f57426d46d5","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/f694da720dcf795dc3eb97bf76d220213f76aaa7","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/e9730744bf3af04cda23799029342aa3cddbc454","tags":["x_transferred"]}]},{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-121","lang":"en","description":"CWE-121 Stack-based Buffer Overflow"}]}],"affected":[{"vendor":"linux","product":"linux_kernel","cpes":["cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*"],"defaultStatus":"unaffected","versions":[{"version":"1da177e4c3f4","status":"affected","lessThan":"fb824a99e148","versionType":"git"},{"version":"1da177e4c3f4","status":"affected","lessThan":"ddd2972d8e2d","versionType":"git"},{"version":"1da177e4c3f4","status":"affected","lessThan":"cfdc2fa4db57","versionType":"git"},{"version":"1da177e4c3f4","status":"affected","lessThan":"f636a40834d2","versionType":"git"},{"version":"1da177e4c3f4","status":"affected","lessThan":"33d9c814652b","versionType":"git"},{"version":"1da177e4c3f4","status":"affected","lessThan":"107e825cc448","versionType":"git"},{"version":"1da177e4c3f4","status":"affected","lessThan":"f694da720dcf","versionType":"git"},{"version":"1da177e4c3f4","status":"affected","lessThan":"e9730744bf3a","versionType":"git"},{"version":"4.19.316","status":"unaffected","lessThanOrEqual":"4.20","versionType":"git"},{"version":"5.4.278","status":"unaffected","lessThanOrEqual":"5.5","versionType":"git"},{"version":"5.10.219","status":"unaffected","lessThanOrEqual":"5.11","versionType":"git"},{"version":"5.15.161","status":"unaffected","lessThanOrEqual":"5.16","versionType":"git"},{"version":"6.1.94","status":"unaffected","lessThanOrEqual":"6.2","versionType":"git"},{"version":"6.6.34","status":"unaffected","lessThanOrEqual":"6.7","versionType":"git"},{"version":"6.9.5","status":"unaffected","lessThanOrEqual":"6.10","versionType":"git"},{"version":"6.10","status":"unaffected","lessThanOrEqual":"*","versionType":"git"}]}],"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":7.8,"attackVector":"LOCAL","baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","integrityImpact":"HIGH","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"HIGH","privilegesRequired":"LOW","confidentialityImpact":"HIGH"}},{"other":{"type":"ssvc","content":{"timestamp":"2024-08-20T03:55:14.759316Z","id":"CVE-2024-39480","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-08-27T14:14:17.550Z"}}]}}