CVE-2024-47041

HIGH Year: 2024
CVSS v3 Score
7.4
High
Weakness Type
CWE-125
View all →

Vulnerability Description

In valid_address of syscall.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Related Vulnerabilities

CVE-2021-21198

HIGH
CVSS:7.4(High)

Out of bounds read in IPC in Google Chrome prior to 89.0.4389.114 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

CWE-1252021

CVE-2021-3712

HIGH
CVSS:7.4(High)

ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C ...

CWE-1252021

CVE-2022-47630

HIGH
CVSS:7.4(High)

Trusted Firmware-A through 2.8 has an out-of-bounds read in the X.509 parser for parsing boot certificates. This affects downstream use of get_ext and auth_nvctr. Attackers might be able to trigger da...

CWE-1252022

CVE-2024-11614

HIGH
CVSS:7.4(High)

An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio...

CWE-1252024

CVE-2024-36054

HIGH
CVSS:7.4(High)

Hw64.sys in Marvin Test HW.exe before 5.0.5.0 allows unprivileged user-mode processes to arbitrarily read kernel memory (and consequently gain all privileges) via IOCTL 0x9c4064b8 (via MmMapIoSpace) a...

CWE-1252024

CVE-2025-32914

HIGH
CVSS:7.4(High)

A flaw was found in libsoup, where the soup_multipart_new_from_message() function is vulnerable to an out-of-bounds read. This flaw allows a malicious HTTP client to induce the libsoup server to read ...

CWE-1252025