{
  "id": "CVE-2024-41029",
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "published": "2024-07-29T15:15:11.627",
  "lastModified": "2024-11-21T09:32:05.920",
  "vulnStatus": "Awaiting Analysis",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvmem: core: limit cell sysfs permissions to main attribute ones\n\nThe cell sysfs attribute should not provide more access to the nvmem\ndata than the main attribute itself.\nFor example if nvme_config::root_only was set, the cell attribute\nwould still provide read access to everybody.\n\nMask out permissions not available on the main attribute."
    },
    {
      "lang": "es",
      "value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: nvmem: core: limita los permisos de cell sysfs a los del atributo principal. El atributo cell sysfs no debe proporcionar m\u00e1s acceso a los datos de nvmem que el propio atributo principal. Por ejemplo, si se configur\u00f3 nvme_config::root_only, el atributo de celda a\u00fan proporcionar\u00eda acceso de lectura a todos. Oculte los permisos que no est\u00e1n disponibles en el atributo principal."
    }
  ],
  "metrics": {},
  "references": [
    {
      "url": "https://git.kernel.org/stable/c/6bef98bafd82903a8d461463f9594f19f1fd6a85",
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
    },
    {
      "url": "https://git.kernel.org/stable/c/aa066afaaac32caf2160d58d4e3010ee04421c62",
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
    },
    {
      "url": "https://git.kernel.org/stable/c/6bef98bafd82903a8d461463f9594f19f1fd6a85",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "https://git.kernel.org/stable/c/aa066afaaac32caf2160d58d4e3010ee04421c62",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    }
  ]
}