CVE-2024-42242

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Aug 7, 2024
Updated: Aug 8, 2024
CWE ID 770

Summary

CVE-2024-42242 is a vulnerability affecting the Linux kernel. In the sdhci driver, a mistake in the blk_queue_max_segment_size() function allowed max_segment_size to be set below the PAGE_SIZE, which should have been enforced as an error in blk_validate_limits(). This oversight exposed sdhci to setting maximum segment sizes that were too low in certain circumstances. The issue has been resolved by setting the maximum segment size correctly when it is too low.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share