CVE-2024-56660

Опубликовано: 27 дек. 2024

Источник: nvd

CVSS3: 5.5

EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved:

net/mlx5: DR, prevent potential error pointer dereference

The dr_domain_add_vport_cap() function generally returns NULL on error but sometimes we want it to return ERR_PTR(-EBUSY) so the caller can retry. The problem here is that "ret" can be either -EBUSY or -ENOMEM and if it's and -ENOMEM then the error pointer is propogated back and eventually dereferenced in dr_ste_v0_build_src_gvmi_qpn_tag().

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 5.16 (включая) до 6.1.121 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 6.2 (включая) до 6.6.67 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 6.7 (включая) до 6.12.6 (исключая)

cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:6.13:rc2:*:*:*:*:*:*

EPSS

Процентиль: 8%

0.00033

Низкий

5.5 Medium

CVSS3

Дефекты

CWE-476

Связанные уязвимости

CVE-2024-56660

CVSS3: 5.5

ubuntu

6 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: DR, prevent potential error pointer dereference The dr_domain_add_vport_cap() function generally returns NULL on error but sometimes we want it to return ERR_PTR(-EBUSY) so the caller can retry. The problem here is that "ret" can be either -EBUSY or -ENOMEM and if it's and -ENOMEM then the error pointer is propogated back and eventually dereferenced in dr_ste_v0_build_src_gvmi_qpn_tag().

CVE-2024-56660

CVSS3: 5.5

redhat

6 месяцев назад

CVE-2024-56660

CVSS3: 5.5

msrc

3 месяца назад

Описание отсутствует

CVE-2024-56660

CVSS3: 5.5

debian

6 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: n ...

GHSA-4whv-g373-hpgc

CVSS3: 5.5

github

6 месяцев назад

EPSS

Процентиль: 8%

0.00033

Низкий

5.5 Medium

CVSS3

Дефекты

CWE-476