5.5

CVE-2024-42135

EPSS 0.01%
Veröffentlicht 30.07.2024 08:15:05
Zuletzt bearbeitet 11.12.2024 14:59:33
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

vhost_task: Handle SIGKILL by flushing work and exiting

Instead of lingering until the device is closed, this has us handle
SIGKILL by:

1. marking the worker as killed so we no longer try to use it with
   new virtqueues and new flush operations.
2. setting the virtqueue to worker mapping so no new works are queued.
3. running all the exiting works.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version < 6.6.39

Linux ≫ Linux Kernel Version >= 6.7 < 6.9.9

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.01%	0.007

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

https://git.kernel.org/stable/c/abe067dc3a662eef7d5cddbbc41ed50a0b68b0af

Patch

https://git.kernel.org/stable/c/db5247d9bf5c6ade9fd70b4e4897441e0269b233

Patch

https://git.kernel.org/stable/c/dec987fe2df670827eb53b97c9552ed8dfc63ad4

Patch

https://nvd.nist.gov/vuln/detail/CVE-2024-42135

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-42135

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-42135

EUVD