Acknowledged
Created: Jan 12, 2025
Updated: Jan 15, 2025
Found In Version: 10.24.33.1
Severity: Standard
Applicable for: Wind River Linux LTS 24
Component/s: Kernel
In the Linux kernel, the following vulnerability has been resolved:
jffs2: Prevent rtime decompress memory corruption
The rtime decompression routine does not fully check bounds during the
entirety of the decompression pass and can corrupt memory outside the
decompression buffer if the compressed data is corrupted. This adds the
required check to prevent this failure mode.
CREATE(Triage):(User=admin) CVE-2024-57850 (https://nvd.nist.gov/vuln/detail/CVE-2024-57850)
