{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-16T22:53:45.944","vulnerabilities":[{"cve":{"id":"CVE-2024-36935","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2024-05-30T16:15:16.640","lastModified":"2025-01-15T18:38:18.097","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nice: ensure the copied buf is NUL terminated\n\nCurrently, we allocate a count-sized kernel buffer and copy count bytes\nfrom userspace to that buffer. Later, we use sscanf on this buffer but we\ndon't ensure that the string is terminated inside the buffer, this can lead\nto OOB read when using sscanf. Fix this issue by using memdup_user_nul\ninstead of memdup_user."},{"lang":"es","value":"En el kernel de Linux, se resolvió la siguiente vulnerabilidad: ice: asegúrese de que el buf copiado tenga terminación NUL. Actualmente, asignamos un búfer del kernel del tamaño de un conteo y copiamos el conteo de bytes del espacio de usuario a ese búfer. Más adelante, usamos sscanf en este búfer pero no nos aseguramos de que la cadena termine dentro del búfer, esto puede provocar una lectura OOB cuando usamos sscanf. Solucione este problema utilizando memdup_user_nul en lugar de memdup_user."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.2}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.8","versionEndExcluding":"6.8.10","matchCriteriaId":"B0D3E543-9D44-48EC-AEFE-B1F1DE163D83"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*","matchCriteriaId":"22BEDD49-2C6D-402D-9DBF-6646F6ECD10B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*","matchCriteriaId":"DF73CB2A-DFFD-46FB-9BFE-AA394F27EA37"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.9:rc3:*:*:*:*:*:*","matchCriteriaId":"52048DDA-FC5A-4363-95A0-A6357B4D7F8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.9:rc4:*:*:*:*:*:*","matchCriteriaId":"A06B2CCF-3F43-4FA9-8773-C83C3F5764B2"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.9:rc5:*:*:*:*:*:*","matchCriteriaId":"F850DCEC-E08B-4317-A33B-D2DCF39F601B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.9:rc6:*:*:*:*:*:*","matchCriteriaId":"91326417-E981-482E-A5A3-28BC1327521B"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/5ff4de981983ed84f29b5d92b6550ec054e12a92","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/666854ea9cad844f75a068f32812a2d78004914a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/5ff4de981983ed84f29b5d92b6550ec054e12a92","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/666854ea9cad844f75a068f32812a2d78004914a","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]}]}}]}