CVE-2024-46758

Updated: 2025-02-07 20:59:07.781703

Description:

A buffer underrun vulnerability was found in the Linux kernel. DIV_ROUND_CLOSEST() after kstrtol() results in an underflow if a large negative number, such as -9223372036854775808, is provided by the user, resulting in loss of availability of the system.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x NONE 0
CVSS Version 3.x MEDIUM 5.5

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement
AlmaLinux 9.2 ESU kernel 5.14.0 5.5 MEDIUM Released CLSA-2025:1743193221 2024-10-21 17:28:40
CentOS 6 ELS kernel 2.6.32 5.5 MEDIUM Not Vulnerable 2024-09-30 14:24:33
CentOS 7 ELS kernel 3.10.0 5.5 MEDIUM Released CLSA-2024:1728297353 2024-10-25 01:05:38
CentOS 8.4 ELS kernel 4.18.0 5.5 MEDIUM Released CLSA-2024:1729869774 2024-10-25 14:31:03
CentOS 8.5 ELS kernel 4.18.0 5.5 MEDIUM Released CLSA-2024:1729870301 2024-10-25 14:31:04
CentOS Stream 8 ELS kernel 4.18.0 5.5 MEDIUM Released CLSA-2024:1729874131 2024-10-25 14:31:02
CloudLinux 6 ELS kernel 2.6.32 5.5 MEDIUM Not Vulnerable 2024-09-30 14:24:33
CloudLinux 7 ELS kernel 3.10.0 5.5 MEDIUM Ignored 2025-01-10 22:43:27
Oracle Linux 6 ELS kernel 2.6.32 5.5 MEDIUM Not Vulnerable 2024-09-30 14:24:32
Oracle Linux 7 ELS kernel 3.10.0 5.5 MEDIUM Released 2025-03-25 03:29:34
Total: 13