7
CVE-2024-42162
- EPSS 0.2%
- Veröffentlicht 30.07.2024 08:15:07
- Zuletzt bearbeitet 21.11.2024 09:33:43
- CVE-Watchlists
- Unerledigt
gve: Account for stopped queues when reading NIC stats
In the Linux kernel, the following vulnerability has been resolved: gve: Account for stopped queues when reading NIC stats We now account for the fact that the NIC might send us stats for a subset of queues. Without this change, gve_get_ethtool_stats might make an invalid access on the priv->stats_report->stats array.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 5.3 <= 6.9.9
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.2% | 0.092 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7 | 1 | 5.9 |
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-754 Improper Check for Unusual or Exceptional Conditions
The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.
https://git.kernel.org/stable/c/32675d828c8a392e20d5b42375ed112c407e4b62
https://git.kernel.org/stable/c/af9bcf910b1f86244f39e15e701b2dc564b469a6