How severe is CVE-2024-26763?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.1 out of 10.

What type of vulnerability is CVE-2024-26763?

This is classified as CWE-787, which is a common weakness in software security.

CVE-2024-26763 - HIGH Severity | CVSS 7.1

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: dm-crypt: don't modify the data when using authenticated encryption It was said that authenticated encryption could produce invalid tag when the data that is being encrypted is modified [1]. So, fix this problem by copying the data into the clone bio first and then encrypt them inside the clone bio. This may reduce performance, but it is needed to prevent the user from corrupting the device by writing data with O_DIRECT and modifying them at the same time. [1] https://lore.kernel.org/all/[email protected]/T/

Related Vulnerabilities

CVE-2017-18926

HIGH

CVSS:7.1(High)

raptor_xml_writer_start_element_common in raptor_xml_writer.c in Raptor RDF Syntax Library 2.0.15 miscalculates the maximum nspace declarations for the XML writer, leading to heap-based buffer overflo...

CWE-7872017

CVE-2018-11593

HIGH

CVSS:7.1(High)

Espruino before 1.99 allows attackers to cause a denial of service (application crash) and potential Information Disclosure with a user crafted input file via a Buffer Overflow during syntax parsing b...

CWE-7872018

CVE-2018-20579

HIGH

CVSS:7.1(High)

Contiki-NG before 4.2 has a stack-based buffer overflow in the push function in os/lib/json/jsonparse.c that allows an out-of-bounds write of an '{' or '[' character.

CWE-7872018

CVE-2018-21097

HIGH

CVSS:7.1(High)

Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects WAC505 before 5.0.5.4, WAC510 before 5.0.5.4, WAC120 before 2.1.7, WN604 before 3.3.1...

CWE-7872018

CVE-2019-8545

HIGH

CVSS:7.1(High)

A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A local user may be able to cause unexpected syst...

CWE-7872019

CVE-2020-11203

HIGH

CVSS:7.1(High)

Stack overflow may occur if GSM/WCDMA broadcast config size received from user is larger than variable length array in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Ind...

CWE-7872020