Mondoo

Vulnerability Management
Technology
Services

Solutions

Financial Services
Manufacturing
Healthcare

Resources

Blog
Vulnerability Database
Documentation
GitHub

Company

About
Careers
Partners
Contact

Legal

Privacy
Terms
Imprint

Vulnerability IntelligenceCVE-2024-46777

CVE-2024-46777

MEDIUM5.5

udf: Avoid excessive partition lengths

Published Sep 18, 2024

Modified 3 months ago

Details

In the Linux kernel, the following vulnerability has been resolved:

udf: Avoid excessive partition lengths

Avoid mounting filesystems where the partition would overflow the 32-bits used for block number. Also refuse to mount filesystems where the partition length is so large we cannot safely index bits in a block bitmap.

References

WEB

https://git.kernel.org/stable/c/0173999123082280cf904bd640015951f194a294

WEB

https://git.kernel.org/stable/c/1497a4484cdb2cf6c37960d788fb6ba67567bdb7

WEB

https://git.kernel.org/stable/c/2ddf831451357c6da4b64645eb797c93c1c054d1

WEB

https://git.kernel.org/stable/c/551966371e17912564bc387fbeb2ac13077c3db1

WEB

https://git.kernel.org/stable/c/925fd8ee80d5348a5e965548e5484d164d19221d

WEB

https://git.kernel.org/stable/c/a56330761950cb83de1dfb348479f20c56c95f90

WEB

https://git.kernel.org/stable/c/c0c23130d38e8bc28e9ef581443de9b1fc749966

WEB

https://git.kernel.org/stable/c/ebbe26fd54a9621994bc16b14f2ba8f84c089693

WEB

https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html

WEB

https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

ADVISORY

https://www.cve.org/CVERecord?id=CVE-2024-46777

CVSS Analysis

CVSS v3.1

5.5

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

LowAC:L

Privileges Required

LowPR:L

User Interaction

NoneUI:N

Scope

UnchangedS:U

Impact

Confidentiality

NoneC:N

Integrity

NoneI:N

Availability

HighA:H

5.5/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Ecosystems

Timeline

PublishedSep 18, 2024

ModifiedJan 5, 2026

CVE-2024-46777 | Mondoo Vulnerability Intelligence