5.5
CVE-2024-57973
- EPSS 0.23%
- Veröffentlicht 27.02.2025 02:15:10
- Zuletzt bearbeitet 03.11.2025 20:16:55
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
rdma/cxgb4: Prevent potential integer overflow on 32bit
In the Linux kernel, the following vulnerability has been resolved: rdma/cxgb4: Prevent potential integer overflow on 32bit The "gl->tot_len" variable is controlled by the user. It comes from process_responses(). On 32bit systems, the "gl->tot_len + sizeof(struct cpl_pass_accept_req) + sizeof(struct rss_header)" addition could have an integer wrapping bug. Use size_add() to prevent this.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 3.8 < 6.1.129
Linux ≫ Linux Kernel Version >= 6.2 < 6.6.76
Linux ≫ Linux Kernel Version >= 6.7 < 6.12.13
Linux ≫ Linux Kernel Version >= 6.13 < 6.13.2
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.23% | 0.136 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-190 Integer Overflow or Wraparound
The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.
https://git.kernel.org/stable/c/4422f452d028850b9cc4fd8f1cf45a8ff91855eb
https://git.kernel.org/stable/c/aeb814484387811b3579d5c78ad4eb301e3bf1c8
https://git.kernel.org/stable/c/bd96a3935e89486304461a21752f824fc25e0f0b
https://git.kernel.org/stable/c/dd352107f22bfbecbbf3b74bde14f3f932296309
https://git.kernel.org/stable/c/de8d88b68d0cfd41152a7a63d6aec0ed3e1b837a
https://git.kernel.org/stable/c/2b759f78b83221f4a1cae3aeb20b500e375f3ee6
https://git.kernel.org/stable/c/d64148a10a85952352de6091ceed99fb9ce2d3ee
https://git.kernel.org/stable/c/e53ca458f543aa352d09b484550de173cb9085c2
https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html
https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html