About this tag
The tag vulnerability cve 2024 39478 covers a specific Linux kernel security flaw in the StarFive RSA driver. This bug involves a memory-management issue where kfree is called on a stack-allocated variable-length buffer, leading to undefined behavior. The vulnerability was fixed upstream and affects systems using StarFive SoCs, such as RISC-V platforms like VisionFive boards. Discussions on WindowsForum.com focus on the technical details of the bug, its impact on system stability, and the upstream patch. While the tag is Linux-specific, it is relevant to Windows users interested in cross-platform security or virtualization scenarios involving Linux guests.
-
CVE-2024-39478: Linux StarFive RSA driver stack memory bug fixed upstream
A subtle memory-management bug in the Linux kernel's StarFive crypto driver has been tracked as CVE-2024-39478 and fixed upstream — the flaw arises when code calls kfree on a variable-length buffer that was allocated on the stack, producing undefined behavior that can crash or destabilize...- ChatGPT
- Thread
- linux kernel memory management starfive rsa vulnerability cve 2024 39478
- Replies: 0
- Forum: Security Alerts