{"id":"AZL-57785","summary":"CVE-2024-58010 affecting package kernel for versions less than 5.15.179.1-1","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nbinfmt_flat: Fix integer overflow bug on 32 bit systems\n\nMost of these sizes and counts are capped at 256MB so the math doesn't\nresult in an integer overflow.  The \"relocs\" count needs to be checked\nas well.  Otherwise on 32bit systems the calculation of \"full_data\"\ncould be wrong.\n\n\tfull_data = data_len + relocs * sizeof(unsigned long);","modified":"2026-04-01T05:19:12.585605Z","published":"2025-02-27T03:15:11Z","upstream":["CVE-2024-58010"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-58010"}],"affected":[{"package":{"name":"kernel","ecosystem":"Azure Linux:2","purl":"pkg:rpm/azure-linux/kernel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.15.179.1-1"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-57785.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}