-

CVE-2024-36929

EPSS 0.05%
Veröffentlicht 30.05.2024 16:15:16
Zuletzt bearbeitet 21.11.2024 09:22:50
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

net: core: reject skb_copy(_expand) for fraglist GSO skbs

SKB_GSO_FRAGLIST skbs must not be linearized, otherwise they become
invalid. Return NULL if such an skb is passed to skb_copy or
skb_copy_expand, in order to prevent a crash on a potential later
call to skb_gso_segment.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 11

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < faa83a7797f06cefed86731ba4baa3b4dfdc06c1

Version 3a1296a38d0cf62bffb9a03c585cbd5dbf15d596

Status affected

Version < c7af99cc21923a9650533c9d77265c8dd683a533

Version 3a1296a38d0cf62bffb9a03c585cbd5dbf15d596

Status affected

Version < 989bf6fd1e1d058e73a364dce1a0c53d33373f62

Version 3a1296a38d0cf62bffb9a03c585cbd5dbf15d596

Status affected

Version < cfe34d86ef9765c388f145039006bb79b6c81ac6

Version 3a1296a38d0cf62bffb9a03c585cbd5dbf15d596

Status affected

Version < aea5e2669c2863fdd8679c40ee310b3bcaa85aec

Version 3a1296a38d0cf62bffb9a03c585cbd5dbf15d596

Status affected

Version < d091e579b864fa790dd6a0cd537a22c383126681

Version 3a1296a38d0cf62bffb9a03c585cbd5dbf15d596

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 5.6

Status affected

Version < 5.6

Version 0

Status unaffected

Version <= 5.10.*

Version 5.10.217

Status unaffected

Version <= 5.15.*

Version 5.15.159

Status unaffected

Version <= 6.1.*

Version 6.1.91

Status unaffected

Version <= 6.6.*

Version 6.6.31

Status unaffected

Version <= 6.8.*

Version 6.8.10

Status unaffected

Version <= *

Version 6.9

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.05%	0.168

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://lists.debian.org/debian-lts-announce/2024/06/msg00019.html

https://git.kernel.org/stable/c/989bf6fd1e1d058e73a364dce1a0c53d33373f62

https://git.kernel.org/stable/c/aea5e2669c2863fdd8679c40ee310b3bcaa85aec

https://git.kernel.org/stable/c/c7af99cc21923a9650533c9d77265c8dd683a533

https://git.kernel.org/stable/c/cfe34d86ef9765c388f145039006bb79b6c81ac6

https://git.kernel.org/stable/c/d091e579b864fa790dd6a0cd537a22c383126681

https://git.kernel.org/stable/c/faa83a7797f06cefed86731ba4baa3b4dfdc06c1

https://security.netapp.com/advisory/ntap-20240905-0010/

https://nvd.nist.gov/vuln/detail/CVE-2024-36929

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-36929

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-36929

EUVD