{"api_version":"1","generated_at":"2026-04-22T23:53:11+00:00","cve":"CVE-2024-23849","urls":{"html":"https://cve.report/CVE-2024-23849","api":"https://cve.report/api/cve/CVE-2024-23849.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2024-23849","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2024-23849"},"summary":{"title":"CVE-2024-23849","description":"Description unavailable.","state":"PUBLISHED","assigner":"","published_at":"2024-01-23 09:15:00","updated_at":"2024-02-06 05:15:00"},"problem_types":["CWE-193"],"metrics":[],"references":[{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7LSPIOMIJYTLZB6QKPQVVAYSUETUWKPF/","name":"FEDORA-2024-2116a8468b","refsource":"","tags":[],"title":"[SECURITY] Fedora 39 Update: kernel-6.7.3-200.fc39 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lore.kernel.org/netdev/1705715319-19199-1-git-send-email-sharath.srinivasan%40oracle.com/","name":"https://lore.kernel.org/netdev/1705715319-19199-1-git-send-email-sharath.srinivasan%40oracle.com/","refsource":"","tags":["Mailing List","Vendor Advisory"],"title":"[PATCH] net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv - Sharath Srinivasan","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LBVHM4LGMFIHBN4UBESYRFMYX3WUICV5/","name":"FEDORA-2024-cf47b35a6c","refsource":"","tags":[],"title":"[SECURITY] Fedora 38 Update: kernel-headers-6.7.3-100.fc38 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lore.kernel.org/netdev/CALGdzuoVdq-wtQ4Az9iottBqC5cv9ZhcE5q8N7LfYFvkRsOVcw%40mail.gmail.com","name":"https://lore.kernel.org/netdev/CALGdzuoVdq-wtQ4Az9iottBqC5cv9ZhcE5q8N7LfYFvkRsOVcw%40mail.gmail.com","refsource":"","tags":["Mailing List","Vendor Advisory"],"title":"[Linux Kernel Bug] UBSAN: array-index-out-of-bounds in rds_cmsg_recv - Chenyuan Yang","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2024-23849","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-23849","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2024","cve_id":"23849","vulnerable":"1","versionEndIncluding":"6.7.1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2024-23849","qid":"200182","title":"Ubuntu Security Notification for Linux kernel (OEM) Vulnerabilities (USN-6688-1)"},{"cve":"CVE-2024-23849","qid":"284900","title":"Fedora Security Update for kernel (FEDORA-2024-cf47b35a6c)"},{"cve":"CVE-2024-23849","qid":"285004","title":"Fedora Security Update for kernel (FEDORA-2024-2116a8468b)"},{"cve":"CVE-2024-23849","qid":"357101","title":"Amazon Linux Security Advisory for kernel : ALAS2KERNEL-5.10-2024-048"},{"cve":"CVE-2024-23849","qid":"357112","title":"Amazon Linux Security Advisory for kernel : ALAS2KERNEL-5.4-2024-059"},{"cve":"CVE-2024-23849","qid":"357243","title":"Amazon Linux Security Advisory for kernel : ALAS2023-2024-517"},{"cve":"CVE-2024-23849","qid":"357258","title":"Amazon Linux Security Advisory for kernel : ALAS2KERNEL-5.15-2024-038"},{"cve":"CVE-2024-23849","qid":"357260","title":"Amazon Linux Security Advisory for kernel-livepatch : ALAS2LIVEPATCH-2024-165"},{"cve":"CVE-2024-23849","qid":"357277","title":"Amazon Linux Security Advisory for kernel : ALAS2-2024-2475"},{"cve":"CVE-2024-23849","qid":"357284","title":"Amazon Linux Security Advisory for kernel : ALAS-2024-1923"},{"cve":"CVE-2024-23849","qid":"357311","title":"Amazon Linux Security Advisory for kernel-livepatch : ALAS2LIVEPATCH-2024-166"},{"cve":"CVE-2024-23849","qid":"357314","title":"Amazon Linux Security Advisory for kernel-livepatch : ALAS2LIVEPATCH-2024-167"},{"cve":"CVE-2024-23849","qid":"357318","title":"Amazon Linux Security Advisory for kernel-livepatch : ALAS2LIVEPATCH-2024-169"},{"cve":"CVE-2024-23849","qid":"6140069","title":"AWS Bottlerocket Security Update for kernel (GHSA-383q-qjm7-4q6x)"},{"cve":"CVE-2024-23849","qid":"6140448","title":"AWS Bottlerocket Security Update for kernel (GHSA-c27g-px38-6rfx)"},{"cve":"CVE-2024-23849","qid":"755965","title":"SUSE Enterprise Linux Security Update for the linux kernel (SUSE-SU-2024:0858-1)"},{"cve":"CVE-2024-23849","qid":"755966","title":"SUSE Enterprise Linux Security Update for the linux kernel (SUSE-SU-2024:0857-1)"},{"cve":"CVE-2024-23849","qid":"755988","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2024:0975-1)"},{"cve":"CVE-2024-23849","qid":"756004","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2024:0926-1)"},{"cve":"CVE-2024-23849","qid":"756005","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2024:0925-1)"},{"cve":"CVE-2024-23849","qid":"756010","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2024:0977-1)"}]},"source_records":{"cve_program":null,"nvd":{"publishedDate":"2024-01-23 09:15:00","lastModifiedDate":"2024-02-06 05:15:00","problem_types":["CWE-193"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":5.5,"baseSeverity":"MEDIUM"},"exploitabilityScore":1.8,"impactScore":3.6}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndIncluding":"6.7.1","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}