Out-of-bounds Read in kernel-debug-devel-matched | CVE-2024-53147

Threat Intelligence

0.03% (9^th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Snyk Learn

Learn about Out-of-bounds Read vulnerabilities in an interactive lesson.

Start learning

Snyk IDSNYK-ALMALINUX10-KERNELDEBUGDEVELMATCHED-14115483
published26 Nov 2025
disclosed11 Nov 2025

Report a new vulnerability Found a mistake?

Introduced: 11 Nov 2025

CVE-2024-53147 (opens in a new tab) CWE-125 (opens in a new tab)

Amendment

The AlmaLinux security team deemed this advisory irrelevant for AlmaLinux:10.

NVD Description

Note: Versions mentioned in the description apply only to the upstream kernel-debug-devel-matched package and not the kernel-debug-devel-matched package as distributed by AlmaLinux.

In the Linux kernel, the following vulnerability has been resolved:

exfat: fix out-of-bounds access of directory entries

In the case of the directory size is greater than or equal to the cluster size, if start_clu becomes an EOF cluster(an invalid cluster) due to file system corruption, then the directory entry where ei->hint_femp.eidx hint is outside the directory, resulting in an out-of-bounds access, which may cause further file system corruption.

This commit adds a check for start_clu, if it is an invalid cluster, the file or directory will be treated as empty.

Out-of-bounds Read The advisory has been revoked - it doesn't affect any version of package kernel-debug-devel-matched (opens in a new tab)