5.5

CVE-2024-40921

EPSS 0.01%
Published 12.07.2024 13:15:15
Last modified 17.09.2025 15:44:50
Source 416baaa9-dc9f-4396-8d5f-8c081f
Teams watchlist Login
Open Login

In the Linux kernel, the following vulnerability has been resolved:

net: bridge: mst: pass vlan group directly to br_mst_vlan_set_state

Pass the already obtained vlan group pointer to br_mst_vlan_set_state()
instead of dereferencing it again. Each caller has already correctly
dereferenced it for their context. This change is required for the
following suspicious RCU dereference fix. No functional changes
intended.

Affected products Warnungen 0 Metrics 2 CWE 0 References 7

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

This information is available to logged-in users.

Data is provided by the National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 6.1.93 < 6.1.95

Linux ≫ Linux Kernel Version >= 6.6.33 < 6.6.35

Linux ≫ Linux Kernel Version >= 6.8.12 < 6.9

Linux ≫ Linux Kernel Version >= 6.9.3 < 6.9.6

Linux ≫ Linux Kernel Version6.10 Updaterc1

Linux ≫ Linux Kernel Version6.10 Updaterc2

Linux ≫ Linux Kernel Version6.10 Updaterc3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.01%	0.009

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

https://git.kernel.org/stable/c/09f4337c27f5bdeb8646a6db91488cc2f7d537ff

Patch

https://git.kernel.org/stable/c/36c92936e868601fa1f43da6758cf55805043509

Patch

https://git.kernel.org/stable/c/a6cc9e9a651b9861efa068c164ee62dfba68c6ca

Patch

https://git.kernel.org/stable/c/d2dc02775fc0c4eacaee833a0637e5958884a8e5

Patch

https://nvd.nist.gov/vuln/detail/CVE-2024-40921

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-40921

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-40921

EUVD