CVE-2024-50284

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Nov 19, 2024
Updated: Nov 27, 2024
CWE ID 754

Summary

CVE-2024-50284 is a recently identified vulnerability in the Linux kernel. Specifically, in the ksmbd component, there was a missing error check in the xa_store function. This function can return error codes, such as -EINVAL or -ENOMEM, if an entry cannot be stored in an XArray or if memory allocation fails, respectively. Failure to check these errors could lead to unintended consequences. Therefore, this vulnerability has been resolved by implementing the necessary error checks to ensure proper handling of the xa_store function's return values.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share