5.5

CVE-2024-42113

net: txgbe: initialize num_q_vectors for MSI/INTx interrupts

In the Linux kernel, the following vulnerability has been resolved:

net: txgbe: initialize num_q_vectors for MSI/INTx interrupts

When using MSI/INTx interrupts, wx->num_q_vectors is uninitialized.
Thus there will be kernel panic in wx_alloc_q_vectors() to allocate
queue vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 6.3 < 6.6.39
LinuxLinux Kernel Version >= 6.7 < 6.9.9
LinuxLinux Kernel Version6.10 Updaterc1
LinuxLinux Kernel Version6.10 Updaterc2
LinuxLinux Kernel Version6.10 Updaterc3
LinuxLinux Kernel Version6.10 Updaterc4
LinuxLinux Kernel Version6.10 Updaterc5
LinuxLinux Kernel Version6.10 Updaterc6
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.24% 0.146
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-908 Use of Uninitialized Resource

The product uses or accesses a resource that has not been initialized.

https://git.kernel.org/stable/c/7c36711a2cd8059c2d24f5e5c1d76e8ea2d5613c
Patch
https://git.kernel.org/stable/c/9edc7a83cd40ac96ff14fe3a17a38f7ace6611df
Patch
https://git.kernel.org/stable/c/c98969226d1fe0c1dd779db8b1c444bc5294fc83
Patch