CVE-2024-33041

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Jan 6, 2025
Updated: Jan 10, 2025
CWE ID 787
CWE ID 823

Summary

CVE-2024-33041 is a newly identified vulnerability that affects the handling of fence frame IOCTL calls. The issue stems from a missing input parameter validation for the number of fences in these calls, leading to memory corruption. An attacker could exploit this vulnerability by sending specially crafted input to the affected system, potentially gaining unauthorized control or crashing it. This can pose a serious threat to system stability and security. It is recommended that affected organizations apply patches or workarounds as soon as they become available to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share