-

CVE-2024-36020

EPSS 0.06%
Veröffentlicht 30.05.2024 15:15:49
Zuletzt bearbeitet 21.11.2024 09:21:27
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

i40e: fix vf may be used uninitialized in this function warning

To fix the regression introduced by commit 52424f974bc5, which causes
servers hang in very hard to reproduce conditions with resets races.
Using two sources for the information is the root cause.
In this function before the fix bumping v didn't mean bumping vf
pointer. But the code used this variables interchangeably, so stale vf
could point to different/not intended vf.

Remove redundant "v" variable and iterate via single VF pointer across
whole function instead to guarantee VF pointer validity.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 13

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < cc9cd02dd9e8b7764ea9effb24f4f1dd73d1b23d

Version 76ed715836c6994bac29d9638e9314e6e3b08651

Status affected

Version < 9dcf0fcb80f6aeb01469e3c957f8d4c97365450a

Version e88c2a1e28c5475065563d66c07ca879a9afbd07

Status affected

Version < b8e82128b44fa40bf99a50b919488ef361e1683c

Version 9abae363af5ced6adbf04c14366289540281fb26

Status affected

Version < 951d2748a2a8242853abc3d0c153ce4bf8faad31

Version c39de3ae5075ea5f78e097cb5720d4e52d5caed9

Status affected

Version < 3e89846283f3cf7c7a8e28b342576fd7c561d2ba

Version 52424f974bc53c26ba3f00300a00e9de9afcd972

Status affected

Version < 0dcf573f997732702917af1563aa2493dc772fc0

Version 52424f974bc53c26ba3f00300a00e9de9afcd972

Status affected

Version < 06df7618f591b2dc43c59967e294d7b9fc8675b6

Version 52424f974bc53c26ba3f00300a00e9de9afcd972

Status affected

Version < f37c4eac99c258111d414d31b740437e1925b8e8

Version 52424f974bc53c26ba3f00300a00e9de9afcd972

Status affected

Version 02f949747e6fb767b29f7931d4bbf40911684e7a

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 6.1

Status affected

Version < 6.1

Version 0

Status unaffected

Version <= 4.19.*

Version 4.19.312

Status unaffected

Version <= 5.4.*

Version 5.4.274

Status unaffected

Version <= 5.10.*

Version 5.10.215

Status unaffected

Version <= 5.15.*

Version 5.15.154

Status unaffected

Version <= 6.1.*

Version 6.1.85

Status unaffected

Version <= 6.6.*

Version 6.6.26

Status unaffected

Version <= 6.8.*

Version 6.8.5

Status unaffected

Version <= *

Version 6.9

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.06%	0.182

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html

https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

https://git.kernel.org/stable/c/06df7618f591b2dc43c59967e294d7b9fc8675b6

https://git.kernel.org/stable/c/0dcf573f997732702917af1563aa2493dc772fc0

https://git.kernel.org/stable/c/3e89846283f3cf7c7a8e28b342576fd7c561d2ba

https://git.kernel.org/stable/c/951d2748a2a8242853abc3d0c153ce4bf8faad31

https://git.kernel.org/stable/c/9dcf0fcb80f6aeb01469e3c957f8d4c97365450a

https://git.kernel.org/stable/c/b8e82128b44fa40bf99a50b919488ef361e1683c

https://git.kernel.org/stable/c/cc9cd02dd9e8b7764ea9effb24f4f1dd73d1b23d

https://git.kernel.org/stable/c/f37c4eac99c258111d414d31b740437e1925b8e8

https://nvd.nist.gov/vuln/detail/CVE-2024-36020

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-36020

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-36020

EUVD