LiveActive security incident?Get immediate response
CVE Record

CVE-2024-42292: kobject_uevent: Fix OOB access within zap_modalias_env()

In the Linux kernel, the following vulnerability has been resolved: kobject_uevent: Fix OOB access within zap_modalias_env() zap_modalias_env() wrongly calculates size of memory block to move, so will cause OOB memory access issue if variable MODALIAS is not the last one within its @env parameter, fixed by correcting size to memmove.

UnknownCVSS not scoredNot KEV-listedUpdated
Glexia's TakeAutomated analysisunknown

Security readout for executives and security teams

Plain-English summary

CVE-2024-42292 is a Linux kernel memory-access bug in uevent handling. A kernel helper can move the wrong amount of memory when removing a MODALIAS environment value, causing out-of-bounds access. The public sources confirm kernel fixes, but do not provide CVSS, impact details, or active exploitation evidence.

Executive priority

Track and remediate through normal kernel patch management unless your environment includes sensitive appliances, embedded Linux, or delayed kernel-update channels. Escalate if a vendor later confirms exploitation, severe impact, or reachable attack paths.

Technical view

The flaw is in zap_modalias_env() within kobject_uevent handling. If MODALIAS is not the last entry in the env parameter, the function miscalculates the memmove size and may access memory out of bounds. Linux stable commits correct the size calculation.

Likely exposure

Systems running affected Linux kernel versions may be exposed, including downstream distributions and embedded products that carry the vulnerable kernel code. The bundle lists Linux as affected and includes Debian LTS and Siemens advisories, suggesting distribution and product-vendor tracking.

Exploitation context

The provided evidence does not show active exploitation, public exploit availability, or CISA KEV listing. The source bundle only states the kernel bug and fix. Treat exploitation likelihood as unproven until vendor advisories or threat intelligence say otherwise.

Researcher notes

Evidence is limited to the CVE description and fix references. No CVSS, CWE, privilege requirement, trigger path, or confirmed impact class is included. Further analysis should review the Linux stable patches and downstream vendor advisories without assuming exploitability.

Mitigation direction

  • Apply kernel updates from your Linux distribution or device vendor.
  • Prioritize systems with direct hardware, hotplug, or device-management exposure.
  • Check Debian LTS and Siemens advisories if those environments are present.
  • For custom kernels, verify the relevant Linux stable fix is backported.

Validation and detection

  • Inventory running kernel versions across servers, appliances, and embedded systems.
  • Compare kernels against vendor advisories and fixed package versions.
  • Confirm custom kernels include the zap_modalias_env() size correction.
  • Document exceptions where vendor guidance is unavailable or pending.
Prepared
Confidence
medium
Sources
12

Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.

Potential ATT&CK relevance

Conservative CVE-to-ATT&CK context

These mappings and lookup hints may be relevant to the vulnerability behavior, CWE, affected product, or exposure path. Glexia-inferred context is not an official MITRE, ATT&CK, CWE, or CVE Program mapping.

ATT&CK lookup starting points

Use these exact CWE pages and searches to review the Glexia ATT&CK library from this CVE's weakness and description context.

cve · low confidence lookup

CVE-2024-42292 mapping review

Open the CVE-to-ATT&CK bridge for reviewed, inferred, or future official mappings tied to this CVE.

Open ATT&CK lookup
Vulnerability profileCVE Program record
Severity
Unknown
CVSS
Not scored
Known Exploited
No
Published
Official CVE source material

CNA and ADP enrichment extracted from CVE v5

These fields come from the CVE record and ADP containers, not from Glexia's Take. They preserve time-varying source decisions such as CISA SSVC, KEV status, CVSS metrics, and provider references.

0CVSS vectors
3Timeline events
3ADP providers
12Source links

SSVC decision data

CISA-ADPCISA Coordinator
Timestamp
Version
2.0.3
Exploitation: noneAutomatable: noTechnical Impact: partial

Vulnerability timeline

Timeline events are normalized from CVE metadata, CNA source timelines, ADP timelines, and KEV metadata when present.

  1. CVE reservedCVE Program

    The CVE ID was reserved by the assigning CNA.

  2. CVE publishedCVE Program

    The CVE record was published.

  3. CVE updatedCVE Program

    The CVE record metadata indicates this as the latest update time.

ADP provider summaries

CISA-ADPCISA ADP Vulnrichment
other:ssvc
CVECVE Program Container
siemens-SADPADP container
Affected products

Products and packages named in the record

VendorProductVersion / packageStatus
LinuxLinux9b3fa47d4a76b1d606a396455f9bbeee083ef008, 9b3fa47d4a76b1d606a396455f9bbeee083ef008, 9b3fa47d4a76b1d606a396455f9bbeee083ef008, 9b3fa47d4a76b1d606a396455f9bbeee083ef008, 9b3fa47d4a76b1d606a396455f9bbeee083ef008, 9b3fa47d4a76b1d606a396455f9bbeee083ef008, 9b3fa47d4a76b1d606a396455f9bbeee083ef008, 9b3fa47d4a76b1d606a396455f9bbeee083ef008unaffected
LinuxLinux4.15, 0, 4.19.320, 5.4.282, 5.10.224, 5.15.165, 6.1.103, 6.6.44, 6.10.3, 6.11affected
Weakness

CWE details

No CWE listed

CWE links open Glexia weakness intelligence pages with official CWE context, developer remediation guidance, and related CVE mappings.