5.5

CVE-2024-56716

netdevsim: prevent bad user input in nsim_dev_health_break_write()

In the Linux kernel, the following vulnerability has been resolved:

netdevsim: prevent bad user input in nsim_dev_health_break_write()

If either a zero count or a large one is provided, kernel can crash.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.5 < 5.10.233
LinuxLinux Kernel Version >= 5.11 < 5.15.176
LinuxLinux Kernel Version >= 5.16 < 6.1.122
LinuxLinux Kernel Version >= 6.2 < 6.6.68
LinuxLinux Kernel Version >= 6.7 < 6.12.7
LinuxLinux Kernel Version6.13 Updaterc1
LinuxLinux Kernel Version6.13 Updaterc2
LinuxLinux Kernel Version6.13 Updaterc3
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.2% 0.102
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-1284 Improper Validation of Specified Quantity in Input

The product receives input that is expected to specify a quantity (such as size or length), but it does not validate or incorrectly validates that the quantity has the required properties.

https://git.kernel.org/stable/c/470c5ecbac2f19b1cdee2a6ce8d5650c3295c94b
Patch
https://git.kernel.org/stable/c/81bdfcd6e6a998e219c9dd49ec7291c2e0594bbc
Patch
https://git.kernel.org/stable/c/8e9ef6bdf71bf25f4735e0230ce1919de8985835
Patch
https://git.kernel.org/stable/c/b3a6daaf7cfb2de37b89fd7a5a2ad4ea9aa3e181
Patch
https://git.kernel.org/stable/c/d10321be26ff9e9e912697e9e8448099654ff561
Patch
https://git.kernel.org/stable/c/ee76746387f6233bdfa93d7406990f923641568f
Patch
https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html
https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html