CVE-2024-38542

EPSS 0.02%
Published 19.06.2024 14:15:14
Last modified 01.04.2025 18:36:50
Source 416baaa9-dc9f-4396-8d5f-8c081f
Teams watchlist Login
Open Login

In the Linux kernel, the following vulnerability has been resolved:

RDMA/mana_ib: boundary check before installing cq callbacks

Add a boundary check inside mana_ib_install_cq_cb to prevent index overflow.

Affected products Warnungen 0 Metrics 2 CWE 1 References 6

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

This information is available to logged-in users.

Data is provided by the National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 6.8.2 < 6.8.12

Linux ≫ Linux Kernel Version >= 6.9 < 6.9.3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.02%	0.032

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
134c704f-9b21-4f2e-91b3-4a467353bcc0	7.1	1.8	5.2	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

CWE-129 Improper Validation of Array Index

The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.

https://git.kernel.org/stable/c/168f6fbde0eabd71d1f4133df7d001a950b96977

Patch

https://git.kernel.org/stable/c/f12afddfb142587d786df9e3cc4862190d3e2ec8

Patch

https://git.kernel.org/stable/c/f79edef79b6a2161f4124112f9b0c46891bb0b74

Patch

https://nvd.nist.gov/vuln/detail/CVE-2024-38542

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-38542

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-38542

EUVD