CVE-2024-26994: speakup: Avoid crash on very long word

Description

In the Linux kernel, the following vulnerability has been resolved:

speakup: Avoid crash on very long word

In case a console is set up really large and contains a really long word
(> 256 characters), we have to stop before the length of the word buffer.

Classification

CVE ID: CVE-2024-26994

Affected Products

Vendor: Linux

Product: Linux

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 15.26% (scored less or equal to compared to others)

EPSS Date: 2025-02-04 (when was this score calculated)

References

https://git.kernel.org/stable/c/756c5cb7c09e537b87b5d3acafcb101b2ccf394f
https://git.kernel.org/stable/c/8f6b62125befe1675446923e4171eac2c012959c
https://git.kernel.org/stable/c/6401038acfa24cba9c28cce410b7505efadd0222
https://git.kernel.org/stable/c/0d130158db29f5e0b3893154908cf618896450a8
https://git.kernel.org/stable/c/89af25bd4b4bf6a71295f07e07a8ae7dc03c6595
https://git.kernel.org/stable/c/8defb1d22ba0395b81feb963b96e252b097ba76f
https://git.kernel.org/stable/c/0efb15c14c493263cb3a5f65f5ddfd4603d19a76
https://git.kernel.org/stable/c/c8d2f34ea96ea3bce6ba2535f867f0d4ee3b22e1

Timeline

2024-12-20 00:35:21 UTC
CVE

speakup: Avoid crash on very long word