Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2024-52332

Опубликовано: 11 янв. 2025
Источник: redhat
CVSS3: 4.7
EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved: igb: Fix potential invalid memory access in igb_init_module() The pci_register_driver() can fail and when this happened, the dca_notifier needs to be unregistered, otherwise the dca_notifier can be called when igb fails to install, resulting to invalid memory access.

Отчет

Bug could happen during error path and during device registration. The security impact is limited.

Меры по смягчению последствий

To mitigate this issue, prevent module igb from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 10kernelAffected
Red Hat Enterprise Linux 10kernel-rtAffected
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernelOut of support scope
Red Hat Enterprise Linux 7kernel-rtOut of support scope
Red Hat Enterprise Linux 8kernelOut of support scope
Red Hat Enterprise Linux 8kernel-rtOut of support scope
Red Hat Enterprise Linux 9kernelAffected
Red Hat Enterprise Linux 9kernel-rtWill not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-119
https://bugzilla.redhat.com/show_bug.cgi?id=2337121kernel: igb: Fix potential invalid memory access in igb_init_module()

EPSS

Процентиль: 16%
0.00051
Низкий

4.7 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2024-52332

CVSS3: 7.1
ubuntu
10 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: igb: Fix potential invalid memory access in igb_init_module() The pci_register_driver() can fail and when this happened, the dca_notifier needs to be unregistered, otherwise the dca_notifier can be called when igb fails to install, resulting to invalid memory access.

nvd логотип

CVE-2024-52332

CVSS3: 7.1
nvd
10 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: igb: Fix potential invalid memory access in igb_init_module() The pci_register_driver() can fail and when this happened, the dca_notifier needs to be unregistered, otherwise the dca_notifier can be called when igb fails to install, resulting to invalid memory access.

debian логотип

CVE-2024-52332

CVSS3: 7.1
debian
10 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: i ...

github логотип

GHSA-wvm7-8j8w-hp55

CVSS3: 7.1
github
10 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: igb: Fix potential invalid memory access in igb_init_module() The pci_register_driver() can fail and when this happened, the dca_notifier needs to be unregistered, otherwise the dca_notifier can be called when igb fails to install, resulting to invalid memory access.

fstec логотип

BDU:2025-07884

CVSS3: 5.5
fstec
около 1 года назад

Уязвимость функции igb_init_module() компонента drivers/net/ethernet/intel/igb/igb_main.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 16%
0.00051
Низкий

4.7 Medium

CVSS3