{"id":"CVE-2024-42292","summary":"kobject_uevent: Fix OOB access within zap_modalias_env()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nkobject_uevent: Fix OOB access within zap_modalias_env()\n\nzap_modalias_env() wrongly calculates size of memory block to move, so\nwill cause OOB memory access issue if variable MODALIAS is not the last\none within its @env parameter, fixed by correcting size to memmove.","modified":"2026-03-20T12:37:40.251359Z","published":"2024-08-17T09:09:01.586Z","related":["ALSA-2024:8856","ALSA-2024:8870","MGASA-2024-0309","MGASA-2024-0310","SUSE-SU-2024:3190-1","SUSE-SU-2024:3194-1","SUSE-SU-2024:3195-1","SUSE-SU-2024:3209-1","SUSE-SU-2024:3383-1","SUSE-SU-2024:3483-1","SUSE-SU-2025:20044-1","SUSE-SU-2025:20047-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/42xxx/CVE-2024-42292.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/57fe01d3d04276875c7e3a6dc763517fc05b8762"},{"type":"WEB","url":"https://git.kernel.org/stable/c/648d5490460d38436640da0812bf7f6351c150d2"},{"type":"WEB","url":"https://git.kernel.org/stable/c/68d63ace80b76395e7935687ecdb86421adc2168"},{"type":"WEB","url":"https://git.kernel.org/stable/c/81a15d28f32af01493ae8c5457e0d55314a4167d"},{"type":"WEB","url":"https://git.kernel.org/stable/c/b59a5e86a3934f1b6a5bd1368902dbc79bdecc90"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c5ee8adc8d98a49703320d13878ba2b923b142f5"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d4663536754defff75ff1eca0aaebc41da165a8d"},{"type":"WEB","url":"https://git.kernel.org/stable/c/dd6e9894b451e7c85cceb8e9dc5432679a70e7dc"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/42xxx/CVE-2024-42292.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-42292"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"9b3fa47d4a76b1d606a396455f9bbeee083ef008"},{"fixed":"81a15d28f32af01493ae8c5457e0d55314a4167d"},{"fixed":"b59a5e86a3934f1b6a5bd1368902dbc79bdecc90"},{"fixed":"648d5490460d38436640da0812bf7f6351c150d2"},{"fixed":"c5ee8adc8d98a49703320d13878ba2b923b142f5"},{"fixed":"68d63ace80b76395e7935687ecdb86421adc2168"},{"fixed":"57fe01d3d04276875c7e3a6dc763517fc05b8762"},{"fixed":"d4663536754defff75ff1eca0aaebc41da165a8d"},{"fixed":"dd6e9894b451e7c85cceb8e9dc5432679a70e7dc"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-42292.json"}}],"schema_version":"1.7.5"}