CRITICAL🇵🇱 Wersja polska

CVE-2024-38623

CVSS 9.8v3.1pub. 2024-06-21upd. 2025-03-24

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Use variable length array instead of fixed size Should fix smatch warning: ntfs_set_label() error: __builtin_memcpy() 'uni->name' too small (20 vs 256)

🤖 AI Analysis
How it works

The ntfs_set_label() function used a fixed size array to store the NTFS volume label name. Attempting to copy data of up to 256 bytes into a buffer of only 20 bytes caused a smatch tool warning about an insufficiently sized destination buffer for the __builtin_memcpy() operation. The fix replaces the fixed-size array with a variable length array, eliminating potential buffer overflow.

Impact

An attacker or malicious NTFS file system can cause a buffer overflow in kernel space, which may lead to unauthorized read or write of data, memory corruption, and consequently system destabilization or takeover.

Mitigation & patch

Patches available from the vendor should be applied according to the references — patches have been published in the Linux kernel stable repository at the addresses indicated in the references section. It is recommended to update to the patched kernel version as soon as possible, especially on systems mounting external NTFS volumes.

Who is affected

Linux kernel with enabled NTFS3 file system driver (ntfs3); specific versions indicated in vendor references (patches available at addresses in git.kernel.org references).

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Linux Kernel

    OS
    Linux
    5.15 – 5.15.161 (bez)5.16 – 6.1.93 (bez)6.2 – 6.6.33 (bez)6.7 – 6.9.4 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2025-10585CRITICAL9.8⚠ KEVPL ✓ten sam produkt

Type confusion w V8 (Google Chrome) — zdalne uszkodzenie sterty

CVE-2025-34028CRITICAL9.3⚠ KEVPL ✓ten sam produkt

Commvault Command Center – nieuwierzytelniony RCE przez path traversal w ZIP

CVE-2022-47986CRITICAL9.8⚠ KEVten sam produkt

IBM Aspera Faspex 4.4.2 Patch Level 1 and earlier could allow a remote attacker to execute arbitrary code on t...

CVE-2022-22954CRITICAL9.8⚠ KEVten sam produkt

VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-s...

CVE-2020-4006CRITICAL9.1⚠ KEVten sam produkt

VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector address have a...