CVE-2024-56716

EPSS 0.05%
Published 29.12.2024 09:15:06
Last modified 03.11.2025 21:18:22
Source 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Open
Login

In the Linux kernel, the following vulnerability has been resolved:

netdevsim: prevent bad user input in nsim_dev_health_break_write()

If either a zero count or a large one is provided, kernel can crash.

Affected products Warnungen 0 Metrics 3 CWE 1 References 11

Data is provided by the National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 5.5 < 5.10.233

Linux ≫ Linux Kernel Version >= 5.11 < 5.15.176

Linux ≫ Linux Kernel Version >= 5.16 < 6.1.122

Linux ≫ Linux Kernel Version >= 6.2 < 6.6.68

Linux ≫ Linux Kernel Version >= 6.7 < 6.12.7

Linux ≫ Linux Kernel Version6.13 Updaterc1

Linux ≫ Linux Kernel Version6.13 Updaterc2

Linux ≫ Linux Kernel Version6.13 Updaterc3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.05%	0.158

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-1284 Improper Validation of Specified Quantity in Input

The product receives input that is expected to specify a quantity (such as size or length), but it does not validate or incorrectly validates that the quantity has the required properties.

https://git.kernel.org/stable/c/470c5ecbac2f19b1cdee2a6ce8d5650c3295c94b

Patch

https://git.kernel.org/stable/c/81bdfcd6e6a998e219c9dd49ec7291c2e0594bbc

Patch

https://git.kernel.org/stable/c/8e9ef6bdf71bf25f4735e0230ce1919de8985835

Patch

https://git.kernel.org/stable/c/b3a6daaf7cfb2de37b89fd7a5a2ad4ea9aa3e181

Patch

https://git.kernel.org/stable/c/d10321be26ff9e9e912697e9e8448099654ff561

Patch

https://git.kernel.org/stable/c/ee76746387f6233bdfa93d7406990f923641568f

Patch