7.5
CVE-2024-42225
- EPSS 0.48%
- Veröffentlicht 30.07.2024 08:15:07
- Zuletzt bearbeitet 03.11.2025 22:17:44
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
wifi: mt76: replace skb_put with skb_put_zero
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: replace skb_put with skb_put_zero Avoid potentially reusing uninitialized data
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version < 5.15.163
Linux ≫ Linux Kernel Version >= 5.16 < 6.1.98
Linux ≫ Linux Kernel Version >= 6.2 < 6.6.39
Linux ≫ Linux Kernel Version >= 6.7 < 6.9.9
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.48% | 0.374 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 1.6 | 5.9 |
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
|
CWE-908 Use of Uninitialized Resource
The product uses or accesses a resource that has not been initialized.
https://git.kernel.org/stable/c/22ea2a7f0b64d323625950414a4496520fb33657
https://git.kernel.org/stable/c/64f86337ccfe77fe3be5a9356b0dabde23fbb074
https://git.kernel.org/stable/c/7f819a2f4fbc510e088b49c79addcf1734503578
https://git.kernel.org/stable/c/dc7f14d00d0c4c21898f3504607f4a31079065a2
https://git.kernel.org/stable/c/ff6b26be13032c5fbd6b6a0b24358f8eaac4f3af
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html