Buffer Overflow Vulnerability in Linux Foundation Magma
CVE-2024-24416
7.5HIGH
Key Information:
- Vendor
- Linux Foundation
- Status
- Magma
- Vendor
- CVE Published:
- 21 January 2025
Summary
A buffer overflow vulnerability has been identified in the decode_access_point_name_ie function of the Linux Foundation's Magma, specifically in versions up to 1.8.0. By sending specially crafted NAS packets, an attacker can trigger this flaw, potentially leading to a Denial of Service condition. The issue has been resolved in version 1.9 with commit 08472ba98b8321f802e95f5622fa90fec2dea486, reinforcing the importance of updating to the latest version to mitigate potential threats.
References
CVSS V3.1
Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published