4.7
CVE-2024-43866
- EPSS 0.16%
- Veröffentlicht 21.08.2024 00:15:05
- Zuletzt bearbeitet 03.11.2025 22:18:13
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
net/mlx5: Always drain health in shutdown callback
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Always drain health in shutdown callback There is no point in recovery during device shutdown. if health work started need to wait for it to avoid races and NULL pointer access. Hence, drain health WQ on shutdown callback.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 4.13.16 < 6.1.113
Linux ≫ Linux Kernel Version >= 6.2 < 6.6.45
Linux ≫ Linux Kernel Version >= 6.7 < 6.10.4
Linux ≫ Linux Kernel Version6.11 Updaterc1
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.16% | 0.059 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.7 | 1 | 3.6 |
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.
CWE-476 NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.
https://git.kernel.org/stable/c/1b75da22ed1e6171e261bc9265370162553d5393
https://git.kernel.org/stable/c/5005e2e159b300c1b8c6820a1e13a62eb0127b9b
https://git.kernel.org/stable/c/6048dec754554a1303d632be6042d3feb3295285
https://git.kernel.org/stable/c/6b6c2ebd83f2bf97e8f221479372aaca97a4a9b2
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html