Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2024-AVI-0613
Vulnerability from certfr_avis - Published: 2024-07-19 - Updated: 2024-07-19
De multiples vulnérabilités ont été découvertes dans le noyau Linux de Debian. Elles permettent à un attaquant de provoquer une élévation de privilèges, une atteinte à la confidentialité des données et un déni de service.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Debian bullseye versions ant\u00e9rieures \u00e0 5.10.221-1",
"product": {
"name": "N/A",
"vendor": {
"name": "Debian",
"scada": false
}
}
},
{
"description": "Debian bookworm versions ant\u00e9rieures \u00e0 6.1.99-1",
"product": {
"name": "N/A",
"vendor": {
"name": "Debian",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-40931",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40931"
},
{
"name": "CVE-2024-38662",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38662"
},
{
"name": "CVE-2024-41001",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41001"
},
{
"name": "CVE-2024-38627",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38627"
},
{
"name": "CVE-2024-38599",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38599"
},
{
"name": "CVE-2024-37353",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37353"
},
{
"name": "CVE-2024-39298",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39298"
},
{
"name": "CVE-2024-38555",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38555"
},
{
"name": "CVE-2024-39503",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39503"
},
{
"name": "CVE-2024-40903",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40903"
},
{
"name": "CVE-2024-40988",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40988"
},
{
"name": "CVE-2024-41004",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41004"
},
{
"name": "CVE-2024-36973",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36973"
},
{
"name": "CVE-2024-40919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40919"
},
{
"name": "CVE-2024-40935",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40935"
},
{
"name": "CVE-2024-26629",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26629"
},
{
"name": "CVE-2024-38583",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38583"
},
{
"name": "CVE-2023-52760",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52760"
},
{
"name": "CVE-2024-39474",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39474"
},
{
"name": "CVE-2024-41000",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41000"
},
{
"name": "CVE-2024-36974",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36974"
},
{
"name": "CVE-2024-39496",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39496"
},
{
"name": "CVE-2024-27397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27397"
},
{
"name": "CVE-2024-40924",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40924"
},
{
"name": "CVE-2024-38548",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38548"
},
{
"name": "CVE-2022-48772",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48772"
},
{
"name": "CVE-2024-37356",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37356"
},
{
"name": "CVE-2024-38659",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38659"
},
{
"name": "CVE-2024-39469",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39469"
},
{
"name": "CVE-2024-39509",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39509"
},
{
"name": "CVE-2024-39484",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39484"
},
{
"name": "CVE-2024-40971",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40971"
},
{
"name": "CVE-2024-39505",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39505"
},
{
"name": "CVE-2024-38601",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38601"
},
{
"name": "CVE-2024-40932",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40932"
},
{
"name": "CVE-2024-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38546"
},
{
"name": "CVE-2024-41006",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41006"
},
{
"name": "CVE-2024-38596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38596"
},
{
"name": "CVE-2024-40904",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40904"
},
{
"name": "CVE-2024-40900",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40900"
},
{
"name": "CVE-2024-40920",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40920"
},
{
"name": "CVE-2024-38590",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38590"
},
{
"name": "CVE-2024-40960",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40960"
},
{
"name": "CVE-2024-39480",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39480"
},
{
"name": "CVE-2024-33847",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33847"
},
{
"name": "CVE-2024-39488",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39488"
},
{
"name": "CVE-2024-40959",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40959"
},
{
"name": "CVE-2024-40899",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40899"
},
{
"name": "CVE-2024-38560",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38560"
},
{
"name": "CVE-2024-25741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25741"
},
{
"name": "CVE-2024-40937",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40937"
},
{
"name": "CVE-2024-40916",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40916"
},
{
"name": "CVE-2024-38578",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38578"
},
{
"name": "CVE-2024-38586",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38586"
},
{
"name": "CVE-2024-40976",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40976"
},
{
"name": "CVE-2024-39468",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39468"
},
{
"name": "CVE-2024-38582",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38582"
},
{
"name": "CVE-2024-40980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40980"
},
{
"name": "CVE-2024-40974",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40974"
},
{
"name": "CVE-2024-38558",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38558"
},
{
"name": "CVE-2024-38613",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38613"
},
{
"name": "CVE-2024-40989",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40989"
},
{
"name": "CVE-2024-36286",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36286"
},
{
"name": "CVE-2024-34027",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34027"
},
{
"name": "CVE-2024-39502",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39502"
},
{
"name": "CVE-2024-40977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40977"
},
{
"name": "CVE-2024-40983",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40983"
},
{
"name": "CVE-2024-38565",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38565"
},
{
"name": "CVE-2024-38612",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38612"
},
{
"name": "CVE-2024-39301",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39301"
},
{
"name": "CVE-2024-39467",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39467"
},
{
"name": "CVE-2024-40940",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40940"
},
{
"name": "CVE-2024-40963",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40963"
},
{
"name": "CVE-2024-36270",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36270"
},
{
"name": "CVE-2024-40947",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40947"
},
{
"name": "CVE-2024-41005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41005"
},
{
"name": "CVE-2024-39507",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39507"
},
{
"name": "CVE-2024-33621",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33621"
},
{
"name": "CVE-2024-36978",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36978"
},
{
"name": "CVE-2024-40905",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40905"
},
{
"name": "CVE-2024-40906",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40906"
},
{
"name": "CVE-2024-39475",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39475"
},
{
"name": "CVE-2024-40902",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40902"
},
{
"name": "CVE-2024-40934",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40934"
},
{
"name": "CVE-2024-40970",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40970"
},
{
"name": "CVE-2024-40912",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40912"
},
{
"name": "CVE-2024-39487",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39487"
},
{
"name": "CVE-2024-39371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39371"
},
{
"name": "CVE-2024-39489",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39489"
},
{
"name": "CVE-2024-38634",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38634"
},
{
"name": "CVE-2024-31076",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-31076"
},
{
"name": "CVE-2022-43945",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43945"
},
{
"name": "CVE-2024-38547",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38547"
},
{
"name": "CVE-2024-40938",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40938"
},
{
"name": "CVE-2024-36971",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36971"
},
{
"name": "CVE-2024-35247",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35247"
},
{
"name": "CVE-2024-40948",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40948"
},
{
"name": "CVE-2024-38633",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38633"
},
{
"name": "CVE-2024-40995",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40995"
},
{
"name": "CVE-2024-39500",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39500"
},
{
"name": "CVE-2024-40910",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40910"
},
{
"name": "CVE-2024-40929",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40929"
},
{
"name": "CVE-2024-39501",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39501"
},
{
"name": "CVE-2024-36014",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36014"
},
{
"name": "CVE-2024-36015",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36015"
},
{
"name": "CVE-2024-40943",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40943"
},
{
"name": "CVE-2024-36489",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36489"
},
{
"name": "CVE-2024-40901",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40901"
},
{
"name": "CVE-2024-39495",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39495"
},
{
"name": "CVE-2024-39471",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39471"
},
{
"name": "CVE-2024-39494",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39494"
},
{
"name": "CVE-2024-40954",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40954"
},
{
"name": "CVE-2024-40908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40908"
},
{
"name": "CVE-2024-40913",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40913"
},
{
"name": "CVE-2024-38549",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38549"
},
{
"name": "CVE-2024-38619",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38619"
},
{
"name": "CVE-2024-40956",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40956"
},
{
"name": "CVE-2024-40966",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40966"
},
{
"name": "CVE-2024-38780",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38780"
},
{
"name": "CVE-2024-39476",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39476"
},
{
"name": "CVE-2024-40957",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40957"
},
{
"name": "CVE-2024-40939",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40939"
},
{
"name": "CVE-2024-40994",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40994"
},
{
"name": "CVE-2024-38567",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38567"
},
{
"name": "CVE-2024-27019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27019"
},
{
"name": "CVE-2024-40987",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40987"
},
{
"name": "CVE-2024-40927",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40927"
},
{
"name": "CVE-2024-40945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40945"
},
{
"name": "CVE-2024-40941",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40941"
},
{
"name": "CVE-2024-40967",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40967"
},
{
"name": "CVE-2024-38637",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38637"
},
{
"name": "CVE-2024-38635",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38635"
},
{
"name": "CVE-2024-40921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40921"
},
{
"name": "CVE-2024-40984",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40984"
},
{
"name": "CVE-2024-36016",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36016"
},
{
"name": "CVE-2024-38618",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38618"
},
{
"name": "CVE-2024-39276",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39276"
},
{
"name": "CVE-2024-39506",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39506"
},
{
"name": "CVE-2024-40990",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40990"
},
{
"name": "CVE-2024-40978",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40978"
},
{
"name": "CVE-2024-40968",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40968"
},
{
"name": "CVE-2024-38589",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38589"
},
{
"name": "CVE-2024-38598",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38598"
},
{
"name": "CVE-2024-38381",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38381"
},
{
"name": "CVE-2024-37078",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37078"
},
{
"name": "CVE-2024-38661",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38661"
},
{
"name": "CVE-2024-39493",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39493"
},
{
"name": "CVE-2024-40996",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40996"
},
{
"name": "CVE-2024-40958",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40958"
},
{
"name": "CVE-2024-38559",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38559"
},
{
"name": "CVE-2024-40981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40981"
},
{
"name": "CVE-2024-38621",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38621"
},
{
"name": "CVE-2024-40915",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40915"
},
{
"name": "CVE-2024-38597",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38597"
},
{
"name": "CVE-2024-40993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40993"
},
{
"name": "CVE-2024-39482",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39482"
},
{
"name": "CVE-2024-36288",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36288"
},
{
"name": "CVE-2024-39499",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39499"
},
{
"name": "CVE-2024-38579",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38579"
},
{
"name": "CVE-2024-39292",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39292"
},
{
"name": "CVE-2024-38607",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38607"
},
{
"name": "CVE-2024-38587",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38587"
},
{
"name": "CVE-2024-41002",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41002"
},
{
"name": "CVE-2024-40911",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40911"
},
{
"name": "CVE-2024-36894",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36894"
},
{
"name": "CVE-2024-40942",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40942"
},
{
"name": "CVE-2024-38605",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38605"
},
{
"name": "CVE-2024-38552",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38552"
},
{
"name": "CVE-2024-39510",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39510"
},
{
"name": "CVE-2024-38615",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38615"
},
{
"name": "CVE-2024-40914",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40914"
},
{
"name": "CVE-2024-40953",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40953"
},
{
"name": "CVE-2024-40961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40961"
}
],
"initial_release_date": "2024-07-19T00:00:00",
"last_revision_date": "2024-07-19T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0613",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-07-19T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de Debian. Elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un d\u00e9ni de service.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de Debian",
"vendor_advisories": [
{
"published_at": "2024-07-16",
"title": "Bulletin de s\u00e9curit\u00e9 Debian DSA-5731-1",
"url": "https://lists.debian.org/debian-security-announce/2024/msg00142.html"
},
{
"published_at": "2024-07-15",
"title": "Bulletin de s\u00e9curit\u00e9 Debian DSA-5730-1",
"url": "https://lists.debian.org/debian-security-announce/2024/msg00141.html"
}
]
}
CVE-2024-40988 (GCVE-0-2024-40988)
Vulnerability from cvelistv5 – Published: 2024-07-12 12:37 – Updated: 2026-05-11 20:23
VLAI
EPSS
Title
drm/radeon: fix UBSAN warning in kv_dpm.c
Summary
In the Linux kernel, the following vulnerability has been resolved:
drm/radeon: fix UBSAN warning in kv_dpm.c
Adds bounds check for sumo_vid_mapping_entry.
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
9 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
80ea2c129c76a4159a93efeaef4385b6c964dfac , < 07e8f15fa16695cf4c90e89854e59af4a760055b
(git)
Affected: 80ea2c129c76a4159a93efeaef4385b6c964dfac , < a8c6df9fe5bc390645d1e96eff14ffe414951aad (git) Affected: 80ea2c129c76a4159a93efeaef4385b6c964dfac , < febe794b83693257f21a23d2e03ea695a62449c8 (git) Affected: 80ea2c129c76a4159a93efeaef4385b6c964dfac , < cf1cc8fcfe517e108794fb711f7faabfca0dc855 (git) Affected: 80ea2c129c76a4159a93efeaef4385b6c964dfac , < f803532bc3825384100dfc58873e035d77248447 (git) Affected: 80ea2c129c76a4159a93efeaef4385b6c964dfac , < 9e57611182a817824a17b1c3dd300ee74a174b42 (git) Affected: 80ea2c129c76a4159a93efeaef4385b6c964dfac , < 468a50fd46a09bba7ba18a11054ae64b6479ecdc (git) Affected: 80ea2c129c76a4159a93efeaef4385b6c964dfac , < a498df5421fd737d11bfd152428ba6b1c8538321 (git) |
|
| Linux | Linux |
Affected:
3.11
Unaffected: 0 , < 3.11 (semver) Unaffected: 4.19.317 , ≤ 4.19.* (semver) Unaffected: 5.4.279 , ≤ 5.4.* (semver) Unaffected: 5.10.221 , ≤ 5.10.* (semver) Unaffected: 5.15.162 , ≤ 5.15.* (semver) Unaffected: 6.1.96 , ≤ 6.1.* (semver) Unaffected: 6.6.36 , ≤ 6.6.* (semver) Unaffected: 6.9.7 , ≤ 6.9.* (semver) Unaffected: 6.10 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T21:58:52.301Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/07e8f15fa16695cf4c90e89854e59af4a760055b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a8c6df9fe5bc390645d1e96eff14ffe414951aad"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/febe794b83693257f21a23d2e03ea695a62449c8"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/cf1cc8fcfe517e108794fb711f7faabfca0dc855"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f803532bc3825384100dfc58873e035d77248447"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9e57611182a817824a17b1c3dd300ee74a174b42"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/468a50fd46a09bba7ba18a11054ae64b6479ecdc"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a498df5421fd737d11bfd152428ba6b1c8538321"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-40988",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:01:57.675980Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:20.590Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/radeon/sumo_dpm.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "07e8f15fa16695cf4c90e89854e59af4a760055b",
"status": "affected",
"version": "80ea2c129c76a4159a93efeaef4385b6c964dfac",
"versionType": "git"
},
{
"lessThan": "a8c6df9fe5bc390645d1e96eff14ffe414951aad",
"status": "affected",
"version": "80ea2c129c76a4159a93efeaef4385b6c964dfac",
"versionType": "git"
},
{
"lessThan": "febe794b83693257f21a23d2e03ea695a62449c8",
"status": "affected",
"version": "80ea2c129c76a4159a93efeaef4385b6c964dfac",
"versionType": "git"
},
{
"lessThan": "cf1cc8fcfe517e108794fb711f7faabfca0dc855",
"status": "affected",
"version": "80ea2c129c76a4159a93efeaef4385b6c964dfac",
"versionType": "git"
},
{
"lessThan": "f803532bc3825384100dfc58873e035d77248447",
"status": "affected",
"version": "80ea2c129c76a4159a93efeaef4385b6c964dfac",
"versionType": "git"
},
{
"lessThan": "9e57611182a817824a17b1c3dd300ee74a174b42",
"status": "affected",
"version": "80ea2c129c76a4159a93efeaef4385b6c964dfac",
"versionType": "git"
},
{
"lessThan": "468a50fd46a09bba7ba18a11054ae64b6479ecdc",
"status": "affected",
"version": "80ea2c129c76a4159a93efeaef4385b6c964dfac",
"versionType": "git"
},
{
"lessThan": "a498df5421fd737d11bfd152428ba6b1c8538321",
"status": "affected",
"version": "80ea2c129c76a4159a93efeaef4385b6c964dfac",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/radeon/sumo_dpm.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "3.11"
},
{
"lessThan": "3.11",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.317",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.279",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.221",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.162",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.96",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.36",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.7",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.19.317",
"versionStartIncluding": "3.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.279",
"versionStartIncluding": "3.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.221",
"versionStartIncluding": "3.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.162",
"versionStartIncluding": "3.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.96",
"versionStartIncluding": "3.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.36",
"versionStartIncluding": "3.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9.7",
"versionStartIncluding": "3.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.10",
"versionStartIncluding": "3.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/radeon: fix UBSAN warning in kv_dpm.c\n\nAdds bounds check for sumo_vid_mapping_entry."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T20:23:42.512Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/07e8f15fa16695cf4c90e89854e59af4a760055b"
},
{
"url": "https://git.kernel.org/stable/c/a8c6df9fe5bc390645d1e96eff14ffe414951aad"
},
{
"url": "https://git.kernel.org/stable/c/febe794b83693257f21a23d2e03ea695a62449c8"
},
{
"url": "https://git.kernel.org/stable/c/cf1cc8fcfe517e108794fb711f7faabfca0dc855"
},
{
"url": "https://git.kernel.org/stable/c/f803532bc3825384100dfc58873e035d77248447"
},
{
"url": "https://git.kernel.org/stable/c/9e57611182a817824a17b1c3dd300ee74a174b42"
},
{
"url": "https://git.kernel.org/stable/c/468a50fd46a09bba7ba18a11054ae64b6479ecdc"
},
{
"url": "https://git.kernel.org/stable/c/a498df5421fd737d11bfd152428ba6b1c8538321"
}
],
"title": "drm/radeon: fix UBSAN warning in kv_dpm.c",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-40988",
"datePublished": "2024-07-12T12:37:33.133Z",
"dateReserved": "2024-07-12T12:17:45.605Z",
"dateUpdated": "2026-05-11T20:23:42.512Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-40989 (GCVE-0-2024-40989)
Vulnerability from cvelistv5 – Published: 2024-07-12 12:37 – Updated: 2026-05-11 20:23
VLAI
EPSS
Title
KVM: arm64: Disassociate vcpus from redistributor region on teardown
Summary
In the Linux kernel, the following vulnerability has been resolved:
KVM: arm64: Disassociate vcpus from redistributor region on teardown
When tearing down a redistributor region, make sure we don't have
any dangling pointer to that region stored in a vcpu.
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
e5a35635464bc5304674b84ea42615a3fd0bd949 , < 68df4fc449fcc24347209e500ce26d5816705a77
(git)
Affected: e5a35635464bc5304674b84ea42615a3fd0bd949 , < 48bb62859d47c5c4197a8c01128d0fa4f46ee58c (git) Affected: e5a35635464bc5304674b84ea42615a3fd0bd949 , < 152b4123f21e6aff31cea01158176ad96a999c76 (git) Affected: e5a35635464bc5304674b84ea42615a3fd0bd949 , < 0d92e4a7ffd5c42b9fa864692f82476c0bf8bcc8 (git) |
|
| Linux | Linux |
Affected:
5.13
Unaffected: 0 , < 5.13 (semver) Unaffected: 6.1.96 , ≤ 6.1.* (semver) Unaffected: 6.6.36 , ≤ 6.6.* (semver) Unaffected: 6.9.7 , ≤ 6.9.* (semver) Unaffected: 6.10 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T21:58:53.765Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/68df4fc449fcc24347209e500ce26d5816705a77"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/48bb62859d47c5c4197a8c01128d0fa4f46ee58c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/152b4123f21e6aff31cea01158176ad96a999c76"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0d92e4a7ffd5c42b9fa864692f82476c0bf8bcc8"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-40989",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:01:54.595799Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:20.480Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"arch/arm64/kvm/vgic/vgic-init.c",
"arch/arm64/kvm/vgic/vgic-mmio-v3.c",
"arch/arm64/kvm/vgic/vgic.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "68df4fc449fcc24347209e500ce26d5816705a77",
"status": "affected",
"version": "e5a35635464bc5304674b84ea42615a3fd0bd949",
"versionType": "git"
},
{
"lessThan": "48bb62859d47c5c4197a8c01128d0fa4f46ee58c",
"status": "affected",
"version": "e5a35635464bc5304674b84ea42615a3fd0bd949",
"versionType": "git"
},
{
"lessThan": "152b4123f21e6aff31cea01158176ad96a999c76",
"status": "affected",
"version": "e5a35635464bc5304674b84ea42615a3fd0bd949",
"versionType": "git"
},
{
"lessThan": "0d92e4a7ffd5c42b9fa864692f82476c0bf8bcc8",
"status": "affected",
"version": "e5a35635464bc5304674b84ea42615a3fd0bd949",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"arch/arm64/kvm/vgic/vgic-init.c",
"arch/arm64/kvm/vgic/vgic-mmio-v3.c",
"arch/arm64/kvm/vgic/vgic.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.13"
},
{
"lessThan": "5.13",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.96",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.36",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.7",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.96",
"versionStartIncluding": "5.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.36",
"versionStartIncluding": "5.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9.7",
"versionStartIncluding": "5.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.10",
"versionStartIncluding": "5.13",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: arm64: Disassociate vcpus from redistributor region on teardown\n\nWhen tearing down a redistributor region, make sure we don\u0027t have\nany dangling pointer to that region stored in a vcpu."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T20:23:43.682Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/68df4fc449fcc24347209e500ce26d5816705a77"
},
{
"url": "https://git.kernel.org/stable/c/48bb62859d47c5c4197a8c01128d0fa4f46ee58c"
},
{
"url": "https://git.kernel.org/stable/c/152b4123f21e6aff31cea01158176ad96a999c76"
},
{
"url": "https://git.kernel.org/stable/c/0d92e4a7ffd5c42b9fa864692f82476c0bf8bcc8"
}
],
"title": "KVM: arm64: Disassociate vcpus from redistributor region on teardown",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-40989",
"datePublished": "2024-07-12T12:37:33.823Z",
"dateReserved": "2024-07-12T12:17:45.605Z",
"dateUpdated": "2026-05-11T20:23:43.682Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-40990 (GCVE-0-2024-40990)
Vulnerability from cvelistv5 – Published: 2024-07-12 12:37 – Updated: 2026-05-11 20:23
VLAI
EPSS
Title
RDMA/mlx5: Add check for srq max_sge attribute
Summary
In the Linux kernel, the following vulnerability has been resolved:
RDMA/mlx5: Add check for srq max_sge attribute
max_sge attribute is passed by the user, and is inserted and used
unchecked, so verify that the value doesn't exceed maximum allowed value
before using it.
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
7 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
e126ba97dba9edeb6fafa3665b5f8497fc9cdf8c , < 7186b81c1f15e39069b1af172c6a951728ed3511
(git)
Affected: e126ba97dba9edeb6fafa3665b5f8497fc9cdf8c , < 1e692244bf7dd827dd72edc6c4a3b36ae572f03c (git) Affected: e126ba97dba9edeb6fafa3665b5f8497fc9cdf8c , < 999586418600b4b3b93c2a0edd3a4ca71ee759bf (git) Affected: e126ba97dba9edeb6fafa3665b5f8497fc9cdf8c , < e0deb0e9c967b61420235f7f17a4450b4b4d6ce2 (git) Affected: e126ba97dba9edeb6fafa3665b5f8497fc9cdf8c , < 4ab99e3613139f026d2d8ba954819e2876120ab3 (git) Affected: e126ba97dba9edeb6fafa3665b5f8497fc9cdf8c , < 36ab7ada64caf08f10ee5a114d39964d1f91e81d (git) |
|
| Linux | Linux |
Affected:
3.11
Unaffected: 0 , < 3.11 (semver) Unaffected: 5.10.221 , ≤ 5.10.* (semver) Unaffected: 5.15.162 , ≤ 5.15.* (semver) Unaffected: 6.1.96 , ≤ 6.1.* (semver) Unaffected: 6.6.36 , ≤ 6.6.* (semver) Unaffected: 6.9.7 , ≤ 6.9.* (semver) Unaffected: 6.10 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T21:58:55.239Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7186b81c1f15e39069b1af172c6a951728ed3511"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1e692244bf7dd827dd72edc6c4a3b36ae572f03c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/999586418600b4b3b93c2a0edd3a4ca71ee759bf"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e0deb0e9c967b61420235f7f17a4450b4b4d6ce2"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4ab99e3613139f026d2d8ba954819e2876120ab3"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/36ab7ada64caf08f10ee5a114d39964d1f91e81d"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-40990",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:01:51.391484Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:20.373Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/infiniband/hw/mlx5/srq.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "7186b81c1f15e39069b1af172c6a951728ed3511",
"status": "affected",
"version": "e126ba97dba9edeb6fafa3665b5f8497fc9cdf8c",
"versionType": "git"
},
{
"lessThan": "1e692244bf7dd827dd72edc6c4a3b36ae572f03c",
"status": "affected",
"version": "e126ba97dba9edeb6fafa3665b5f8497fc9cdf8c",
"versionType": "git"
},
{
"lessThan": "999586418600b4b3b93c2a0edd3a4ca71ee759bf",
"status": "affected",
"version": "e126ba97dba9edeb6fafa3665b5f8497fc9cdf8c",
"versionType": "git"
},
{
"lessThan": "e0deb0e9c967b61420235f7f17a4450b4b4d6ce2",
"status": "affected",
"version": "e126ba97dba9edeb6fafa3665b5f8497fc9cdf8c",
"versionType": "git"
},
{
"lessThan": "4ab99e3613139f026d2d8ba954819e2876120ab3",
"status": "affected",
"version": "e126ba97dba9edeb6fafa3665b5f8497fc9cdf8c",
"versionType": "git"
},
{
"lessThan": "36ab7ada64caf08f10ee5a114d39964d1f91e81d",
"status": "affected",
"version": "e126ba97dba9edeb6fafa3665b5f8497fc9cdf8c",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/infiniband/hw/mlx5/srq.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "3.11"
},
{
"lessThan": "3.11",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.221",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.162",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.96",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.36",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.7",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.221",
"versionStartIncluding": "3.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.162",
"versionStartIncluding": "3.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.96",
"versionStartIncluding": "3.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.36",
"versionStartIncluding": "3.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9.7",
"versionStartIncluding": "3.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.10",
"versionStartIncluding": "3.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Add check for srq max_sge attribute\n\nmax_sge attribute is passed by the user, and is inserted and used\nunchecked, so verify that the value doesn\u0027t exceed maximum allowed value\nbefore using it."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T20:23:44.839Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/7186b81c1f15e39069b1af172c6a951728ed3511"
},
{
"url": "https://git.kernel.org/stable/c/1e692244bf7dd827dd72edc6c4a3b36ae572f03c"
},
{
"url": "https://git.kernel.org/stable/c/999586418600b4b3b93c2a0edd3a4ca71ee759bf"
},
{
"url": "https://git.kernel.org/stable/c/e0deb0e9c967b61420235f7f17a4450b4b4d6ce2"
},
{
"url": "https://git.kernel.org/stable/c/4ab99e3613139f026d2d8ba954819e2876120ab3"
},
{
"url": "https://git.kernel.org/stable/c/36ab7ada64caf08f10ee5a114d39964d1f91e81d"
}
],
"title": "RDMA/mlx5: Add check for srq max_sge attribute",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-40990",
"datePublished": "2024-07-12T12:37:34.485Z",
"dateReserved": "2024-07-12T12:17:45.605Z",
"dateUpdated": "2026-05-11T20:23:44.839Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-40993 (GCVE-0-2024-40993)
Vulnerability from cvelistv5 – Published: 2024-07-12 12:37 – Updated: 2026-05-12 11:56
VLAI
EPSS
Title
netfilter: ipset: Fix suspicious rcu_dereference_protected()
Summary
In the Linux kernel, the following vulnerability has been resolved:
netfilter: ipset: Fix suspicious rcu_dereference_protected()
When destroying all sets, we are either in pernet exit phase or
are executing a "destroy all sets command" from userspace. The latter
was taken into account in ip_set_dereference() (nfnetlink mutex is held),
but the former was not. The patch adds the required check to
rcu_dereference_protected() in ip_set_dereference().
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
9 references
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
c0761d1f1ce1d5b85b5e82bbb714df12de1aa8c3 , < 3799d02ae4208af08e81310770d8754863a246a1
(git)
Affected: 93b53c202b51a69e42ca57f5a183f7e008e19f83 , < 72d9611968867cc4c5509e7708b1507d692b797a (git) Affected: 0f1bb77c6d837c9513943bc7c08f04c5cc5c6568 , < 523bed6489e089dd8040e72453fb79da47b144c2 (git) Affected: 390b353d1a1da3e9c6c0fd14fe650d69063c95d6 , < 788d585e62f487bc4536d454937f737b70d39a33 (git) Affected: 2ba35b37f780c6410bb4bba9c3072596d8576702 , < 94dd411c18d7fff9e411555d5c662d29416501e4 (git) Affected: 90ae20d47de602198eb69e6cd7a3db3420abfc08 , < 3fc09e1ca854bc234e007a56e0f7431f5e2defb5 (git) Affected: 4e7aaa6b82d63e8ddcbfb56b4fd3d014ca586f10 , < 8ecd06277a7664f4ef018abae3abd3451d64e7a6 (git) |
|
| Linux | Linux |
Affected:
6.1.95 , < 6.1.96
(semver)
Affected: 6.6.35 , < 6.6.36 (semver) Affected: 6.9.6 , < 6.9.7 (semver) |
|
| Siemens | SIMATIC S7-1500 TM MFP - GNU/Linux subsystem |
Affected:
0 , < *
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T21:58:56.686Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3799d02ae4208af08e81310770d8754863a246a1"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/72d9611968867cc4c5509e7708b1507d692b797a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/523bed6489e089dd8040e72453fb79da47b144c2"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/788d585e62f487bc4536d454937f737b70d39a33"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/94dd411c18d7fff9e411555d5c662d29416501e4"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3fc09e1ca854bc234e007a56e0f7431f5e2defb5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8ecd06277a7664f4ef018abae3abd3451d64e7a6"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-40993",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:01:41.687653Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:20.022Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 TM MFP - GNU/Linux subsystem",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T11:56:05.682Z",
"orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
"shortName": "siemens-SADP"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html"
}
],
"x_adpType": "supplier"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/netfilter/ipset/ip_set_core.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "3799d02ae4208af08e81310770d8754863a246a1",
"status": "affected",
"version": "c0761d1f1ce1d5b85b5e82bbb714df12de1aa8c3",
"versionType": "git"
},
{
"lessThan": "72d9611968867cc4c5509e7708b1507d692b797a",
"status": "affected",
"version": "93b53c202b51a69e42ca57f5a183f7e008e19f83",
"versionType": "git"
},
{
"lessThan": "523bed6489e089dd8040e72453fb79da47b144c2",
"status": "affected",
"version": "0f1bb77c6d837c9513943bc7c08f04c5cc5c6568",
"versionType": "git"
},
{
"lessThan": "788d585e62f487bc4536d454937f737b70d39a33",
"status": "affected",
"version": "390b353d1a1da3e9c6c0fd14fe650d69063c95d6",
"versionType": "git"
},
{
"lessThan": "94dd411c18d7fff9e411555d5c662d29416501e4",
"status": "affected",
"version": "2ba35b37f780c6410bb4bba9c3072596d8576702",
"versionType": "git"
},
{
"lessThan": "3fc09e1ca854bc234e007a56e0f7431f5e2defb5",
"status": "affected",
"version": "90ae20d47de602198eb69e6cd7a3db3420abfc08",
"versionType": "git"
},
{
"lessThan": "8ecd06277a7664f4ef018abae3abd3451d64e7a6",
"status": "affected",
"version": "4e7aaa6b82d63e8ddcbfb56b4fd3d014ca586f10",
"versionType": "git"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/netfilter/ipset/ip_set_core.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "6.1.96",
"status": "affected",
"version": "6.1.95",
"versionType": "semver"
},
{
"lessThan": "6.6.36",
"status": "affected",
"version": "6.6.35",
"versionType": "semver"
},
{
"lessThan": "6.9.7",
"status": "affected",
"version": "6.9.6",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.96",
"versionStartIncluding": "6.1.95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.36",
"versionStartIncluding": "6.6.35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9.7",
"versionStartIncluding": "6.9.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ipset: Fix suspicious rcu_dereference_protected()\n\nWhen destroying all sets, we are either in pernet exit phase or\nare executing a \"destroy all sets command\" from userspace. The latter\nwas taken into account in ip_set_dereference() (nfnetlink mutex is held),\nbut the former was not. The patch adds the required check to\nrcu_dereference_protected() in ip_set_dereference()."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T20:23:52.803Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/3799d02ae4208af08e81310770d8754863a246a1"
},
{
"url": "https://git.kernel.org/stable/c/72d9611968867cc4c5509e7708b1507d692b797a"
},
{
"url": "https://git.kernel.org/stable/c/523bed6489e089dd8040e72453fb79da47b144c2"
},
{
"url": "https://git.kernel.org/stable/c/788d585e62f487bc4536d454937f737b70d39a33"
},
{
"url": "https://git.kernel.org/stable/c/94dd411c18d7fff9e411555d5c662d29416501e4"
},
{
"url": "https://git.kernel.org/stable/c/3fc09e1ca854bc234e007a56e0f7431f5e2defb5"
},
{
"url": "https://git.kernel.org/stable/c/8ecd06277a7664f4ef018abae3abd3451d64e7a6"
}
],
"title": "netfilter: ipset: Fix suspicious rcu_dereference_protected()",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-40993",
"datePublished": "2024-07-12T12:37:36.453Z",
"dateReserved": "2024-07-12T12:17:45.606Z",
"dateUpdated": "2026-05-12T11:56:05.682Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-40994 (GCVE-0-2024-40994)
Vulnerability from cvelistv5 – Published: 2024-07-12 12:37 – Updated: 2026-05-11 20:23
VLAI
EPSS
Title
ptp: fix integer overflow in max_vclocks_store
Summary
In the Linux kernel, the following vulnerability has been resolved:
ptp: fix integer overflow in max_vclocks_store
On 32bit systems, the "4 * max" multiply can overflow. Use kcalloc()
to do the allocation to prevent this.
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
6 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
44c494c8e30e35713c7d11ca3c5ab332cbfabacf , < 4b03da87d0b7074c93d9662c6e1a8939f9b8b86e
(git)
Affected: 44c494c8e30e35713c7d11ca3c5ab332cbfabacf , < d50d62d5e6ee6aa03c00bddb91745d0b632d3b0f (git) Affected: 44c494c8e30e35713c7d11ca3c5ab332cbfabacf , < 666e934d749e50a37f3796caaf843a605f115b6f (git) Affected: 44c494c8e30e35713c7d11ca3c5ab332cbfabacf , < e1fccfb4638ee6188377867f6015d0ce35764a8e (git) Affected: 44c494c8e30e35713c7d11ca3c5ab332cbfabacf , < 81d23d2a24012e448f651e007fac2cfd20a45ce0 (git) |
|
| Linux | Linux |
Affected:
5.14
Unaffected: 0 , < 5.14 (semver) Unaffected: 5.15.162 , ≤ 5.15.* (semver) Unaffected: 6.1.96 , ≤ 6.1.* (semver) Unaffected: 6.6.36 , ≤ 6.6.* (semver) Unaffected: 6.9.7 , ≤ 6.9.* (semver) Unaffected: 6.10 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T21:58:58.171Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4b03da87d0b7074c93d9662c6e1a8939f9b8b86e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d50d62d5e6ee6aa03c00bddb91745d0b632d3b0f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/666e934d749e50a37f3796caaf843a605f115b6f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e1fccfb4638ee6188377867f6015d0ce35764a8e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/81d23d2a24012e448f651e007fac2cfd20a45ce0"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-40994",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:01:38.458996Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:19.919Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/ptp/ptp_sysfs.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "4b03da87d0b7074c93d9662c6e1a8939f9b8b86e",
"status": "affected",
"version": "44c494c8e30e35713c7d11ca3c5ab332cbfabacf",
"versionType": "git"
},
{
"lessThan": "d50d62d5e6ee6aa03c00bddb91745d0b632d3b0f",
"status": "affected",
"version": "44c494c8e30e35713c7d11ca3c5ab332cbfabacf",
"versionType": "git"
},
{
"lessThan": "666e934d749e50a37f3796caaf843a605f115b6f",
"status": "affected",
"version": "44c494c8e30e35713c7d11ca3c5ab332cbfabacf",
"versionType": "git"
},
{
"lessThan": "e1fccfb4638ee6188377867f6015d0ce35764a8e",
"status": "affected",
"version": "44c494c8e30e35713c7d11ca3c5ab332cbfabacf",
"versionType": "git"
},
{
"lessThan": "81d23d2a24012e448f651e007fac2cfd20a45ce0",
"status": "affected",
"version": "44c494c8e30e35713c7d11ca3c5ab332cbfabacf",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/ptp/ptp_sysfs.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.14"
},
{
"lessThan": "5.14",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.162",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.96",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.36",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.7",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.162",
"versionStartIncluding": "5.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.96",
"versionStartIncluding": "5.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.36",
"versionStartIncluding": "5.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9.7",
"versionStartIncluding": "5.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.10",
"versionStartIncluding": "5.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nptp: fix integer overflow in max_vclocks_store\n\nOn 32bit systems, the \"4 * max\" multiply can overflow. Use kcalloc()\nto do the allocation to prevent this."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T20:23:56.957Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/4b03da87d0b7074c93d9662c6e1a8939f9b8b86e"
},
{
"url": "https://git.kernel.org/stable/c/d50d62d5e6ee6aa03c00bddb91745d0b632d3b0f"
},
{
"url": "https://git.kernel.org/stable/c/666e934d749e50a37f3796caaf843a605f115b6f"
},
{
"url": "https://git.kernel.org/stable/c/e1fccfb4638ee6188377867f6015d0ce35764a8e"
},
{
"url": "https://git.kernel.org/stable/c/81d23d2a24012e448f651e007fac2cfd20a45ce0"
}
],
"title": "ptp: fix integer overflow in max_vclocks_store",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-40994",
"datePublished": "2024-07-12T12:37:37.124Z",
"dateReserved": "2024-07-12T12:17:45.606Z",
"dateUpdated": "2026-05-11T20:23:56.957Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-40995 (GCVE-0-2024-40995)
Vulnerability from cvelistv5 – Published: 2024-07-12 12:37 – Updated: 2026-05-12 11:56
VLAI
EPSS
Title
net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()
Summary
In the Linux kernel, the following vulnerability has been resolved:
net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()
syzbot found hanging tasks waiting on rtnl_lock [1]
A reproducer is available in the syzbot bug.
When a request to add multiple actions with the same index is sent, the
second request will block forever on the first request. This holds
rtnl_lock, and causes tasks to hang.
Return -EAGAIN to prevent infinite looping, while keeping documented
behavior.
[1]
INFO: task kworker/1:0:5088 blocked for more than 143 seconds.
Not tainted 6.9.0-rc4-syzkaller-00173-g3cdb45594619 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:0 state:D stack:23744 pid:5088 tgid:5088 ppid:2 flags:0x00004000
Workqueue: events_power_efficient reg_check_chans_work
Call Trace:
<TASK>
context_switch kernel/sched/core.c:5409 [inline]
__schedule+0xf15/0x5d00 kernel/sched/core.c:6746
__schedule_loop kernel/sched/core.c:6823 [inline]
schedule+0xe7/0x350 kernel/sched/core.c:6838
schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6895
__mutex_lock_common kernel/locking/mutex.c:684 [inline]
__mutex_lock+0x5b8/0x9c0 kernel/locking/mutex.c:752
wiphy_lock include/net/cfg80211.h:5953 [inline]
reg_leave_invalid_chans net/wireless/reg.c:2466 [inline]
reg_check_chans_work+0x10a/0x10e0 net/wireless/reg.c:2481
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
11 references
Impacted products
8 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
0190c1d452a91c38a3462abdd81752be1b9006a8 , < 0d8a2d287c8a394c0d4653f0c6c7be4c688e5a74
(git)
Affected: 0190c1d452a91c38a3462abdd81752be1b9006a8 , < c6a7da65a296745535a964be1019ec7691b0cb90 (git) Affected: 0190c1d452a91c38a3462abdd81752be1b9006a8 , < 25987a97eec4d5f897cd04ee1b45170829c610da (git) Affected: 0190c1d452a91c38a3462abdd81752be1b9006a8 , < 6fc78d67f51aeb9a542d39a8714e16bc411582d4 (git) Affected: 0190c1d452a91c38a3462abdd81752be1b9006a8 , < 5f926aa96b08b6c47178fe1171e7ae331c695fc2 (git) Affected: 0190c1d452a91c38a3462abdd81752be1b9006a8 , < 7a0e497b597df7c4cf2b63fc6e9188b6cabe5335 (git) Affected: 0190c1d452a91c38a3462abdd81752be1b9006a8 , < d864319871b05fadd153e0aede4811ca7008f5d6 (git) |
|
| Linux | Linux |
Affected:
4.19
Unaffected: 0 , < 4.19 (semver) Unaffected: 5.4.279 , ≤ 5.4.* (semver) Unaffected: 5.10.221 , ≤ 5.10.* (semver) Unaffected: 5.15.162 , ≤ 5.15.* (semver) Unaffected: 6.1.96 , ≤ 6.1.* (semver) Unaffected: 6.6.36 , ≤ 6.6.* (semver) Unaffected: 6.9.7 , ≤ 6.9.* (semver) Unaffected: 6.10 , ≤ * (original_commit_for_fix) |
|
| Siemens | RUGGEDCOM RST2428P |
Affected:
0 , < V3.1
(custom)
|
|
| Siemens | RUGGEDCOM RST2428P |
Unaffected:
0 , < *
(custom)
|
|
| Siemens | SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family |
Unaffected:
0 , < *
(custom)
|
|
| Siemens | SCALANCE XCM-/XRM-/XCH-/XRH-300 family |
Affected:
0 , < V3.1
(custom)
|
|
| Siemens | SCALANCE XCM-/XRM-/XCH-/XRH-300 family |
Unaffected:
0 , < *
(custom)
|
|
| Siemens | SIMATIC S7-1500 TM MFP - GNU/Linux subsystem |
Affected:
0 , < *
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T21:58:59.618Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0d8a2d287c8a394c0d4653f0c6c7be4c688e5a74"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c6a7da65a296745535a964be1019ec7691b0cb90"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/25987a97eec4d5f897cd04ee1b45170829c610da"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6fc78d67f51aeb9a542d39a8714e16bc411582d4"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5f926aa96b08b6c47178fe1171e7ae331c695fc2"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7a0e497b597df7c4cf2b63fc6e9188b6cabe5335"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d864319871b05fadd153e0aede4811ca7008f5d6"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-40995",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:01:35.312165Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:19.797Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM RST2428P",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM RST2428P",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XCM-/XRM-/XCH-/XRH-300 family",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XCM-/XRM-/XCH-/XRH-300 family",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 TM MFP - GNU/Linux subsystem",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T11:56:06.952Z",
"orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
"shortName": "siemens-SADP"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-613116.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-355557.html"
}
],
"x_adpType": "supplier"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/sched/act_api.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "0d8a2d287c8a394c0d4653f0c6c7be4c688e5a74",
"status": "affected",
"version": "0190c1d452a91c38a3462abdd81752be1b9006a8",
"versionType": "git"
},
{
"lessThan": "c6a7da65a296745535a964be1019ec7691b0cb90",
"status": "affected",
"version": "0190c1d452a91c38a3462abdd81752be1b9006a8",
"versionType": "git"
},
{
"lessThan": "25987a97eec4d5f897cd04ee1b45170829c610da",
"status": "affected",
"version": "0190c1d452a91c38a3462abdd81752be1b9006a8",
"versionType": "git"
},
{
"lessThan": "6fc78d67f51aeb9a542d39a8714e16bc411582d4",
"status": "affected",
"version": "0190c1d452a91c38a3462abdd81752be1b9006a8",
"versionType": "git"
},
{
"lessThan": "5f926aa96b08b6c47178fe1171e7ae331c695fc2",
"status": "affected",
"version": "0190c1d452a91c38a3462abdd81752be1b9006a8",
"versionType": "git"
},
{
"lessThan": "7a0e497b597df7c4cf2b63fc6e9188b6cabe5335",
"status": "affected",
"version": "0190c1d452a91c38a3462abdd81752be1b9006a8",
"versionType": "git"
},
{
"lessThan": "d864319871b05fadd153e0aede4811ca7008f5d6",
"status": "affected",
"version": "0190c1d452a91c38a3462abdd81752be1b9006a8",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/sched/act_api.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.19"
},
{
"lessThan": "4.19",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.279",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.221",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.162",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.96",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.36",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.7",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.279",
"versionStartIncluding": "4.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.221",
"versionStartIncluding": "4.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.162",
"versionStartIncluding": "4.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.96",
"versionStartIncluding": "4.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.36",
"versionStartIncluding": "4.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9.7",
"versionStartIncluding": "4.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.10",
"versionStartIncluding": "4.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()\n\nsyzbot found hanging tasks waiting on rtnl_lock [1]\n\nA reproducer is available in the syzbot bug.\n\nWhen a request to add multiple actions with the same index is sent, the\nsecond request will block forever on the first request. This holds\nrtnl_lock, and causes tasks to hang.\n\nReturn -EAGAIN to prevent infinite looping, while keeping documented\nbehavior.\n\n[1]\n\nINFO: task kworker/1:0:5088 blocked for more than 143 seconds.\nNot tainted 6.9.0-rc4-syzkaller-00173-g3cdb45594619 #0\n\"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\ntask:kworker/1:0 state:D stack:23744 pid:5088 tgid:5088 ppid:2 flags:0x00004000\nWorkqueue: events_power_efficient reg_check_chans_work\nCall Trace:\n\u003cTASK\u003e\ncontext_switch kernel/sched/core.c:5409 [inline]\n__schedule+0xf15/0x5d00 kernel/sched/core.c:6746\n__schedule_loop kernel/sched/core.c:6823 [inline]\nschedule+0xe7/0x350 kernel/sched/core.c:6838\nschedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6895\n__mutex_lock_common kernel/locking/mutex.c:684 [inline]\n__mutex_lock+0x5b8/0x9c0 kernel/locking/mutex.c:752\nwiphy_lock include/net/cfg80211.h:5953 [inline]\nreg_leave_invalid_chans net/wireless/reg.c:2466 [inline]\nreg_check_chans_work+0x10a/0x10e0 net/wireless/reg.c:2481"
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T20:23:58.112Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/0d8a2d287c8a394c0d4653f0c6c7be4c688e5a74"
},
{
"url": "https://git.kernel.org/stable/c/c6a7da65a296745535a964be1019ec7691b0cb90"
},
{
"url": "https://git.kernel.org/stable/c/25987a97eec4d5f897cd04ee1b45170829c610da"
},
{
"url": "https://git.kernel.org/stable/c/6fc78d67f51aeb9a542d39a8714e16bc411582d4"
},
{
"url": "https://git.kernel.org/stable/c/5f926aa96b08b6c47178fe1171e7ae331c695fc2"
},
{
"url": "https://git.kernel.org/stable/c/7a0e497b597df7c4cf2b63fc6e9188b6cabe5335"
},
{
"url": "https://git.kernel.org/stable/c/d864319871b05fadd153e0aede4811ca7008f5d6"
}
],
"title": "net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-40995",
"datePublished": "2024-07-12T12:37:37.791Z",
"dateReserved": "2024-07-12T12:17:45.607Z",
"dateUpdated": "2026-05-12T11:56:06.952Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-40996 (GCVE-0-2024-40996)
Vulnerability from cvelistv5 – Published: 2024-07-12 12:37 – Updated: 2026-05-23 15:51
VLAI
EPSS
Title
bpf: Avoid splat in pskb_pull_reason
Summary
In the Linux kernel, the following vulnerability has been resolved:
bpf: Avoid splat in pskb_pull_reason
syzkaller builds (CONFIG_DEBUG_NET=y) frequently trigger a debug
hint in pskb_may_pull.
We'd like to retain this debug check because it might hint at integer
overflows and other issues (kernel code should pull headers, not huge
value).
In bpf case, this splat isn't interesting at all: such (nonsensical)
bpf programs are typically generated by a fuzzer anyway.
Do what Eric suggested and suppress such warning.
For CONFIG_DEBUG_NET=n we don't need the extra check because
pskb_may_pull will do the right thing: return an error without the
WARN() backtrace.
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
8af60bb2b215f478b886f1d6d302fefa7f0b917d , < dacc15e9cb248d19e5fc63c54bef0b9b55007761
(git)
Affected: 1b2b26595bb09febf14c5444c873ac4ec90a5a77 , < 7f9644782c559635bd676c12c59389a34ed7c866 (git) Affected: 219eee9c0d16f1b754a8b85275854ab17df0850a , < 5e90258303a358e88737afb5048bee9113beea3a (git) Affected: 219eee9c0d16f1b754a8b85275854ab17df0850a , < 2bbe3e5a2f4ef69d13be54f1cf895b4658287080 (git) Affected: fff05b2b004d9a8a2416d08647f3dc9068e357c8 (git) Affected: 6.1.86 , < 6.1.96 (semver) Affected: 6.6.27 , < 6.6.36 (semver) Affected: 6.8.6 , < 6.9 (semver) |
|
| Linux | Linux |
Affected:
6.9
Unaffected: 0 , < 6.9 (semver) Unaffected: 6.1.96 , ≤ 6.1.* (semver) Unaffected: 6.6.36 , ≤ 6.6.* (semver) Unaffected: 6.9.7 , ≤ 6.9.* (semver) Unaffected: 6.10 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T21:59:01.358Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/dacc15e9cb248d19e5fc63c54bef0b9b55007761"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7f9644782c559635bd676c12c59389a34ed7c866"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5e90258303a358e88737afb5048bee9113beea3a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2bbe3e5a2f4ef69d13be54f1cf895b4658287080"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-40996",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:01:32.111725Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:19.679Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/core/filter.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "dacc15e9cb248d19e5fc63c54bef0b9b55007761",
"status": "affected",
"version": "8af60bb2b215f478b886f1d6d302fefa7f0b917d",
"versionType": "git"
},
{
"lessThan": "7f9644782c559635bd676c12c59389a34ed7c866",
"status": "affected",
"version": "1b2b26595bb09febf14c5444c873ac4ec90a5a77",
"versionType": "git"
},
{
"lessThan": "5e90258303a358e88737afb5048bee9113beea3a",
"status": "affected",
"version": "219eee9c0d16f1b754a8b85275854ab17df0850a",
"versionType": "git"
},
{
"lessThan": "2bbe3e5a2f4ef69d13be54f1cf895b4658287080",
"status": "affected",
"version": "219eee9c0d16f1b754a8b85275854ab17df0850a",
"versionType": "git"
},
{
"status": "affected",
"version": "fff05b2b004d9a8a2416d08647f3dc9068e357c8",
"versionType": "git"
},
{
"lessThan": "6.1.96",
"status": "affected",
"version": "6.1.86",
"versionType": "semver"
},
{
"lessThan": "6.6.36",
"status": "affected",
"version": "6.6.27",
"versionType": "semver"
},
{
"lessThan": "6.9",
"status": "affected",
"version": "6.8.6",
"versionType": "semver"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/core/filter.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.9"
},
{
"lessThan": "6.9",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.96",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.36",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.7",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.96",
"versionStartIncluding": "6.1.86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.36",
"versionStartIncluding": "6.6.27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9.7",
"versionStartIncluding": "6.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.10",
"versionStartIncluding": "6.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.8.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Avoid splat in pskb_pull_reason\n\nsyzkaller builds (CONFIG_DEBUG_NET=y) frequently trigger a debug\nhint in pskb_may_pull.\n\nWe\u0027d like to retain this debug check because it might hint at integer\noverflows and other issues (kernel code should pull headers, not huge\nvalue).\n\nIn bpf case, this splat isn\u0027t interesting at all: such (nonsensical)\nbpf programs are typically generated by a fuzzer anyway.\n\nDo what Eric suggested and suppress such warning.\n\nFor CONFIG_DEBUG_NET=n we don\u0027t need the extra check because\npskb_may_pull will do the right thing: return an error without the\nWARN() backtrace."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-23T15:51:21.401Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/dacc15e9cb248d19e5fc63c54bef0b9b55007761"
},
{
"url": "https://git.kernel.org/stable/c/7f9644782c559635bd676c12c59389a34ed7c866"
},
{
"url": "https://git.kernel.org/stable/c/5e90258303a358e88737afb5048bee9113beea3a"
},
{
"url": "https://git.kernel.org/stable/c/2bbe3e5a2f4ef69d13be54f1cf895b4658287080"
}
],
"title": "bpf: Avoid splat in pskb_pull_reason",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-40996",
"datePublished": "2024-07-12T12:37:38.454Z",
"dateReserved": "2024-07-12T12:17:45.607Z",
"dateUpdated": "2026-05-23T15:51:21.401Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-41000 (GCVE-0-2024-41000)
Vulnerability from cvelistv5 – Published: 2024-07-12 12:37 – Updated: 2026-05-23 15:51
VLAI
EPSS
Title
block/ioctl: prefer different overflow check
Summary
In the Linux kernel, the following vulnerability has been resolved:
block/ioctl: prefer different overflow check
Running syzkaller with the newly reintroduced signed integer overflow
sanitizer shows this report:
[ 62.982337] ------------[ cut here ]------------
[ 62.985692] cgroup: Invalid name
[ 62.986211] UBSAN: signed-integer-overflow in ../block/ioctl.c:36:46
[ 62.989370] 9pnet_fd: p9_fd_create_tcp (7343): problem connecting socket to 127.0.0.1
[ 62.992992] 9223372036854775807 + 4095 cannot be represented in type 'long long'
[ 62.997827] 9pnet_fd: p9_fd_create_tcp (7345): problem connecting socket to 127.0.0.1
[ 62.999369] random: crng reseeded on system resumption
[ 63.000634] GUP no longer grows the stack in syz-executor.2 (7353): 20002000-20003000 (20001000)
[ 63.000668] CPU: 0 PID: 7353 Comm: syz-executor.2 Not tainted 6.8.0-rc2-00035-gb3ef86b5a957 #1
[ 63.000677] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 63.000682] Call Trace:
[ 63.000686] <TASK>
[ 63.000731] dump_stack_lvl+0x93/0xd0
[ 63.000919] __get_user_pages+0x903/0xd30
[ 63.001030] __gup_longterm_locked+0x153e/0x1ba0
[ 63.001041] ? _raw_read_unlock_irqrestore+0x17/0x50
[ 63.001072] ? try_get_folio+0x29c/0x2d0
[ 63.001083] internal_get_user_pages_fast+0x1119/0x1530
[ 63.001109] iov_iter_extract_pages+0x23b/0x580
[ 63.001206] bio_iov_iter_get_pages+0x4de/0x1220
[ 63.001235] iomap_dio_bio_iter+0x9b6/0x1410
[ 63.001297] __iomap_dio_rw+0xab4/0x1810
[ 63.001316] iomap_dio_rw+0x45/0xa0
[ 63.001328] ext4_file_write_iter+0xdde/0x1390
[ 63.001372] vfs_write+0x599/0xbd0
[ 63.001394] ksys_write+0xc8/0x190
[ 63.001403] do_syscall_64+0xd4/0x1b0
[ 63.001421] ? arch_exit_to_user_mode_prepare+0x3a/0x60
[ 63.001479] entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 63.001535] RIP: 0033:0x7f7fd3ebf539
[ 63.001551] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 63.001562] RSP: 002b:00007f7fd32570c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 63.001584] RAX: ffffffffffffffda RBX: 00007f7fd3ff3f80 RCX: 00007f7fd3ebf539
[ 63.001590] RDX: 4db6d1e4f7e43360 RSI: 0000000020000000 RDI: 0000000000000004
[ 63.001595] RBP: 00007f7fd3f1e496 R08: 0000000000000000 R09: 0000000000000000
[ 63.001599] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 63.001604] R13: 0000000000000006 R14: 00007f7fd3ff3f80 R15: 00007ffd415ad2b8
...
[ 63.018142] ---[ end trace ]---
Historically, the signed integer overflow sanitizer did not work in the
kernel due to its interaction with `-fwrapv` but this has since been
changed [1] in the newest version of Clang; It was re-enabled in the
kernel with Commit 557f8c582a9ba8ab ("ubsan: Reintroduce signed overflow
sanitizer").
Let's rework this overflow checking logic to not actually perform an
overflow during the check itself, thus avoiding the UBSAN splat.
[1]: https://github.com/llvm/llvm-project/pull/82432
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
10 references
Impacted products
8 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
8f6dfa1f1efe6dcca2d43e575491d8fcbe922f62 , < 58706e482bf45c4db48b0c53aba2468c97adda24
(git)
Affected: 5010c27120962c85d2f421d2cf211791c9603503 , < 3220c90f4dbdc6d20d0608b164d964434a810d66 (git) Affected: ef31cc87794731ffcb578a195a2c47d744e25fb8 , < 61ec76ec930709b7bcd69029ef1fe90491f20cf9 (git) Affected: cb16cc1abda18a9514106d2ac8c8d7abc0be5ed8 , < fd841ee01fb4a79cb7f5cc424b5c96c3a73b2d1e (git) Affected: 6f64f866aa1ae6975c95d805ed51d7e9433a0016 , < 54160fb1db2de367485f21e30196c42f7ee0be4e (git) Affected: 6f64f866aa1ae6975c95d805ed51d7e9433a0016 , < ccb326b5f9e623eb7f130fbbf2505ec0e2dcaff9 (git) Affected: bcdc288e7bc008daf38ef0401b53e4a8bb61bbe5 (git) Affected: 5.10.215 , < 5.10.221 (semver) Affected: 5.15.148 , < 5.15.162 (semver) Affected: 6.1.75 , < 6.1.96 (semver) Affected: 6.6.14 , < 6.6.36 (semver) Affected: 6.7.2 , < 6.8 (semver) |
|
| Linux | Linux |
Affected:
6.8
Unaffected: 0 , < 6.8 (semver) Unaffected: 5.10.221 , ≤ 5.10.* (semver) Unaffected: 5.15.162 , ≤ 5.15.* (semver) Unaffected: 6.1.96 , ≤ 6.1.* (semver) Unaffected: 6.6.36 , ≤ 6.6.* (semver) Unaffected: 6.9.7 , ≤ 6.9.* (semver) Unaffected: 6.10 , ≤ * (original_commit_for_fix) |
|
| Siemens | RUGGEDCOM RST2428P |
Affected:
0 , < V3.1
(custom)
|
|
| Siemens | RUGGEDCOM RST2428P |
Unaffected:
0 , < *
(custom)
|
|
| Siemens | SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family |
Unaffected:
0 , < *
(custom)
|
|
| Siemens | SCALANCE XCM-/XRM-/XCH-/XRH-300 family |
Affected:
0 , < V3.1
(custom)
|
|
| Siemens | SCALANCE XCM-/XRM-/XCH-/XRH-300 family |
Unaffected:
0 , < *
(custom)
|
|
| Siemens | SIMATIC S7-1500 TM MFP - GNU/Linux subsystem |
Affected:
0 , < *
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T21:59:02.815Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/58706e482bf45c4db48b0c53aba2468c97adda24"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3220c90f4dbdc6d20d0608b164d964434a810d66"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/61ec76ec930709b7bcd69029ef1fe90491f20cf9"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/fd841ee01fb4a79cb7f5cc424b5c96c3a73b2d1e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/54160fb1db2de367485f21e30196c42f7ee0be4e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ccb326b5f9e623eb7f130fbbf2505ec0e2dcaff9"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-41000",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:01:19.374759Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:19.237Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM RST2428P",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM RST2428P",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XCM-/XRM-/XCH-/XRH-300 family",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XCM-/XRM-/XCH-/XRH-300 family",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 TM MFP - GNU/Linux subsystem",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T11:56:08.371Z",
"orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
"shortName": "siemens-SADP"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-613116.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-355557.html"
}
],
"x_adpType": "supplier"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"block/ioctl.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "58706e482bf45c4db48b0c53aba2468c97adda24",
"status": "affected",
"version": "8f6dfa1f1efe6dcca2d43e575491d8fcbe922f62",
"versionType": "git"
},
{
"lessThan": "3220c90f4dbdc6d20d0608b164d964434a810d66",
"status": "affected",
"version": "5010c27120962c85d2f421d2cf211791c9603503",
"versionType": "git"
},
{
"lessThan": "61ec76ec930709b7bcd69029ef1fe90491f20cf9",
"status": "affected",
"version": "ef31cc87794731ffcb578a195a2c47d744e25fb8",
"versionType": "git"
},
{
"lessThan": "fd841ee01fb4a79cb7f5cc424b5c96c3a73b2d1e",
"status": "affected",
"version": "cb16cc1abda18a9514106d2ac8c8d7abc0be5ed8",
"versionType": "git"
},
{
"lessThan": "54160fb1db2de367485f21e30196c42f7ee0be4e",
"status": "affected",
"version": "6f64f866aa1ae6975c95d805ed51d7e9433a0016",
"versionType": "git"
},
{
"lessThan": "ccb326b5f9e623eb7f130fbbf2505ec0e2dcaff9",
"status": "affected",
"version": "6f64f866aa1ae6975c95d805ed51d7e9433a0016",
"versionType": "git"
},
{
"status": "affected",
"version": "bcdc288e7bc008daf38ef0401b53e4a8bb61bbe5",
"versionType": "git"
},
{
"lessThan": "5.10.221",
"status": "affected",
"version": "5.10.215",
"versionType": "semver"
},
{
"lessThan": "5.15.162",
"status": "affected",
"version": "5.15.148",
"versionType": "semver"
},
{
"lessThan": "6.1.96",
"status": "affected",
"version": "6.1.75",
"versionType": "semver"
},
{
"lessThan": "6.6.36",
"status": "affected",
"version": "6.6.14",
"versionType": "semver"
},
{
"lessThan": "6.8",
"status": "affected",
"version": "6.7.2",
"versionType": "semver"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"block/ioctl.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.8"
},
{
"lessThan": "6.8",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.221",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.162",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.96",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.36",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.7",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.221",
"versionStartIncluding": "5.10.215",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.162",
"versionStartIncluding": "5.15.148",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.96",
"versionStartIncluding": "6.1.75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.36",
"versionStartIncluding": "6.6.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9.7",
"versionStartIncluding": "6.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.10",
"versionStartIncluding": "6.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock/ioctl: prefer different overflow check\n\nRunning syzkaller with the newly reintroduced signed integer overflow\nsanitizer shows this report:\n\n[ 62.982337] ------------[ cut here ]------------\n[ 62.985692] cgroup: Invalid name\n[ 62.986211] UBSAN: signed-integer-overflow in ../block/ioctl.c:36:46\n[ 62.989370] 9pnet_fd: p9_fd_create_tcp (7343): problem connecting socket to 127.0.0.1\n[ 62.992992] 9223372036854775807 + 4095 cannot be represented in type \u0027long long\u0027\n[ 62.997827] 9pnet_fd: p9_fd_create_tcp (7345): problem connecting socket to 127.0.0.1\n[ 62.999369] random: crng reseeded on system resumption\n[ 63.000634] GUP no longer grows the stack in syz-executor.2 (7353): 20002000-20003000 (20001000)\n[ 63.000668] CPU: 0 PID: 7353 Comm: syz-executor.2 Not tainted 6.8.0-rc2-00035-gb3ef86b5a957 #1\n[ 63.000677] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n[ 63.000682] Call Trace:\n[ 63.000686] \u003cTASK\u003e\n[ 63.000731] dump_stack_lvl+0x93/0xd0\n[ 63.000919] __get_user_pages+0x903/0xd30\n[ 63.001030] __gup_longterm_locked+0x153e/0x1ba0\n[ 63.001041] ? _raw_read_unlock_irqrestore+0x17/0x50\n[ 63.001072] ? try_get_folio+0x29c/0x2d0\n[ 63.001083] internal_get_user_pages_fast+0x1119/0x1530\n[ 63.001109] iov_iter_extract_pages+0x23b/0x580\n[ 63.001206] bio_iov_iter_get_pages+0x4de/0x1220\n[ 63.001235] iomap_dio_bio_iter+0x9b6/0x1410\n[ 63.001297] __iomap_dio_rw+0xab4/0x1810\n[ 63.001316] iomap_dio_rw+0x45/0xa0\n[ 63.001328] ext4_file_write_iter+0xdde/0x1390\n[ 63.001372] vfs_write+0x599/0xbd0\n[ 63.001394] ksys_write+0xc8/0x190\n[ 63.001403] do_syscall_64+0xd4/0x1b0\n[ 63.001421] ? arch_exit_to_user_mode_prepare+0x3a/0x60\n[ 63.001479] entry_SYSCALL_64_after_hwframe+0x6f/0x77\n[ 63.001535] RIP: 0033:0x7f7fd3ebf539\n[ 63.001551] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\n[ 63.001562] RSP: 002b:00007f7fd32570c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\n[ 63.001584] RAX: ffffffffffffffda RBX: 00007f7fd3ff3f80 RCX: 00007f7fd3ebf539\n[ 63.001590] RDX: 4db6d1e4f7e43360 RSI: 0000000020000000 RDI: 0000000000000004\n[ 63.001595] RBP: 00007f7fd3f1e496 R08: 0000000000000000 R09: 0000000000000000\n[ 63.001599] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\n[ 63.001604] R13: 0000000000000006 R14: 00007f7fd3ff3f80 R15: 00007ffd415ad2b8\n...\n[ 63.018142] ---[ end trace ]---\n\nHistorically, the signed integer overflow sanitizer did not work in the\nkernel due to its interaction with `-fwrapv` but this has since been\nchanged [1] in the newest version of Clang; It was re-enabled in the\nkernel with Commit 557f8c582a9ba8ab (\"ubsan: Reintroduce signed overflow\nsanitizer\").\n\nLet\u0027s rework this overflow checking logic to not actually perform an\noverflow during the check itself, thus avoiding the UBSAN splat.\n\n[1]: https://github.com/llvm/llvm-project/pull/82432"
}
],
"providerMetadata": {
"dateUpdated": "2026-05-23T15:51:23.534Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/58706e482bf45c4db48b0c53aba2468c97adda24"
},
{
"url": "https://git.kernel.org/stable/c/3220c90f4dbdc6d20d0608b164d964434a810d66"
},
{
"url": "https://git.kernel.org/stable/c/61ec76ec930709b7bcd69029ef1fe90491f20cf9"
},
{
"url": "https://git.kernel.org/stable/c/fd841ee01fb4a79cb7f5cc424b5c96c3a73b2d1e"
},
{
"url": "https://git.kernel.org/stable/c/54160fb1db2de367485f21e30196c42f7ee0be4e"
},
{
"url": "https://git.kernel.org/stable/c/ccb326b5f9e623eb7f130fbbf2505ec0e2dcaff9"
}
],
"title": "block/ioctl: prefer different overflow check",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-41000",
"datePublished": "2024-07-12T12:37:41.189Z",
"dateReserved": "2024-07-12T12:17:45.608Z",
"dateUpdated": "2026-05-23T15:51:23.534Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-41001 (GCVE-0-2024-41001)
Vulnerability from cvelistv5 – Published: 2024-07-12 12:37 – Updated: 2026-05-11 20:24
VLAI
EPSS
Title
io_uring/sqpoll: work around a potential audit memory leak
Summary
In the Linux kernel, the following vulnerability has been resolved:
io_uring/sqpoll: work around a potential audit memory leak
kmemleak complains that there's a memory leak related to connect
handling:
unreferenced object 0xffff0001093bdf00 (size 128):
comm "iou-sqp-455", pid 457, jiffies 4294894164
hex dump (first 32 bytes):
02 00 fa ea 7f 00 00 01 00 00 00 00 00 00 00 00 ................
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
backtrace (crc 2e481b1a):
[<00000000c0a26af4>] kmemleak_alloc+0x30/0x38
[<000000009c30bb45>] kmalloc_trace+0x228/0x358
[<000000009da9d39f>] __audit_sockaddr+0xd0/0x138
[<0000000089a93e34>] move_addr_to_kernel+0x1a0/0x1f8
[<000000000b4e80e6>] io_connect_prep+0x1ec/0x2d4
[<00000000abfbcd99>] io_submit_sqes+0x588/0x1e48
[<00000000e7c25e07>] io_sq_thread+0x8a4/0x10e4
[<00000000d999b491>] ret_from_fork+0x10/0x20
which can can happen if:
1) The command type does something on the prep side that triggers an
audit call.
2) The thread hasn't done any operations before this that triggered
an audit call inside ->issue(), where we have audit_uring_entry()
and audit_uring_exit().
Work around this by issuing a blanket NOP operation before the SQPOLL
does anything.
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
2b188cc1bb857a9d4701ae59aa7768b5124e262e , < 55c22375cbaa24f77dd13f9ae0642915444a1227
(git)
Affected: 2b188cc1bb857a9d4701ae59aa7768b5124e262e , < 9e810bd995823786ea30543e480e8a573e5e5667 (git) Affected: 2b188cc1bb857a9d4701ae59aa7768b5124e262e , < a40e90d9304629002fb17200f7779823a81191d3 (git) Affected: 2b188cc1bb857a9d4701ae59aa7768b5124e262e , < c4ce0ab27646f4206a9eb502d6fe45cb080e1cae (git) |
|
| Linux | Linux |
Affected:
5.1
Unaffected: 0 , < 5.1 (semver) Unaffected: 6.1.96 , ≤ 6.1.* (semver) Unaffected: 6.6.36 , ≤ 6.6.* (semver) Unaffected: 6.9.7 , ≤ 6.9.* (semver) Unaffected: 6.10 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T21:59:04.273Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/55c22375cbaa24f77dd13f9ae0642915444a1227"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9e810bd995823786ea30543e480e8a573e5e5667"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a40e90d9304629002fb17200f7779823a81191d3"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c4ce0ab27646f4206a9eb502d6fe45cb080e1cae"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-41001",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:01:15.228345Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:19.127Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"io_uring/sqpoll.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "55c22375cbaa24f77dd13f9ae0642915444a1227",
"status": "affected",
"version": "2b188cc1bb857a9d4701ae59aa7768b5124e262e",
"versionType": "git"
},
{
"lessThan": "9e810bd995823786ea30543e480e8a573e5e5667",
"status": "affected",
"version": "2b188cc1bb857a9d4701ae59aa7768b5124e262e",
"versionType": "git"
},
{
"lessThan": "a40e90d9304629002fb17200f7779823a81191d3",
"status": "affected",
"version": "2b188cc1bb857a9d4701ae59aa7768b5124e262e",
"versionType": "git"
},
{
"lessThan": "c4ce0ab27646f4206a9eb502d6fe45cb080e1cae",
"status": "affected",
"version": "2b188cc1bb857a9d4701ae59aa7768b5124e262e",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"io_uring/sqpoll.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.1"
},
{
"lessThan": "5.1",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.96",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.36",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.7",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.96",
"versionStartIncluding": "5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.36",
"versionStartIncluding": "5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9.7",
"versionStartIncluding": "5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.10",
"versionStartIncluding": "5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/sqpoll: work around a potential audit memory leak\n\nkmemleak complains that there\u0027s a memory leak related to connect\nhandling:\n\nunreferenced object 0xffff0001093bdf00 (size 128):\ncomm \"iou-sqp-455\", pid 457, jiffies 4294894164\nhex dump (first 32 bytes):\n02 00 fa ea 7f 00 00 01 00 00 00 00 00 00 00 00 ................\n00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\nbacktrace (crc 2e481b1a):\n[\u003c00000000c0a26af4\u003e] kmemleak_alloc+0x30/0x38\n[\u003c000000009c30bb45\u003e] kmalloc_trace+0x228/0x358\n[\u003c000000009da9d39f\u003e] __audit_sockaddr+0xd0/0x138\n[\u003c0000000089a93e34\u003e] move_addr_to_kernel+0x1a0/0x1f8\n[\u003c000000000b4e80e6\u003e] io_connect_prep+0x1ec/0x2d4\n[\u003c00000000abfbcd99\u003e] io_submit_sqes+0x588/0x1e48\n[\u003c00000000e7c25e07\u003e] io_sq_thread+0x8a4/0x10e4\n[\u003c00000000d999b491\u003e] ret_from_fork+0x10/0x20\n\nwhich can can happen if:\n\n1) The command type does something on the prep side that triggers an\n audit call.\n2) The thread hasn\u0027t done any operations before this that triggered\n an audit call inside -\u003eissue(), where we have audit_uring_entry()\n and audit_uring_exit().\n\nWork around this by issuing a blanket NOP operation before the SQPOLL\ndoes anything."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T20:24:06.693Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/55c22375cbaa24f77dd13f9ae0642915444a1227"
},
{
"url": "https://git.kernel.org/stable/c/9e810bd995823786ea30543e480e8a573e5e5667"
},
{
"url": "https://git.kernel.org/stable/c/a40e90d9304629002fb17200f7779823a81191d3"
},
{
"url": "https://git.kernel.org/stable/c/c4ce0ab27646f4206a9eb502d6fe45cb080e1cae"
}
],
"title": "io_uring/sqpoll: work around a potential audit memory leak",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-41001",
"datePublished": "2024-07-12T12:37:41.850Z",
"dateReserved": "2024-07-12T12:17:45.609Z",
"dateUpdated": "2026-05-11T20:24:06.693Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-41002 (GCVE-0-2024-41002)
Vulnerability from cvelistv5 – Published: 2024-07-12 12:37 – Updated: 2026-05-11 20:24
VLAI
EPSS
Title
crypto: hisilicon/sec - Fix memory leak for sec resource release
Summary
In the Linux kernel, the following vulnerability has been resolved:
crypto: hisilicon/sec - Fix memory leak for sec resource release
The AIV is one of the SEC resources. When releasing resources,
it need to release the AIV resources at the same time.
Otherwise, memory leakage occurs.
The aiv resource release is added to the sec resource release
function.
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
6 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
416d82204df44ef727de6eafafeaa4d12fdc78dc , < a886bcb0f67d1e3d6b2da25b3519de59098200c2
(git)
Affected: 416d82204df44ef727de6eafafeaa4d12fdc78dc , < 7c42ce556ff65995c8875c9ed64141c14238e7e6 (git) Affected: 416d82204df44ef727de6eafafeaa4d12fdc78dc , < 9f21886370db451b0fdc651f6e41550a1da70601 (git) Affected: 416d82204df44ef727de6eafafeaa4d12fdc78dc , < 36810d2db3496bb8b4db7ccda666674a5efc7b47 (git) Affected: 416d82204df44ef727de6eafafeaa4d12fdc78dc , < bba4250757b4ae1680fea435a358d8093f254094 (git) |
|
| Linux | Linux |
Affected:
5.5
Unaffected: 0 , < 5.5 (semver) Unaffected: 5.15.162 , ≤ 5.15.* (semver) Unaffected: 6.1.96 , ≤ 6.1.* (semver) Unaffected: 6.6.36 , ≤ 6.6.* (semver) Unaffected: 6.9.7 , ≤ 6.9.* (semver) Unaffected: 6.10 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T21:59:05.720Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a886bcb0f67d1e3d6b2da25b3519de59098200c2"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/7c42ce556ff65995c8875c9ed64141c14238e7e6"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9f21886370db451b0fdc651f6e41550a1da70601"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/36810d2db3496bb8b4db7ccda666674a5efc7b47"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/bba4250757b4ae1680fea435a358d8093f254094"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-41002",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:01:11.700200Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:19.020Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/crypto/hisilicon/sec2/sec_crypto.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "a886bcb0f67d1e3d6b2da25b3519de59098200c2",
"status": "affected",
"version": "416d82204df44ef727de6eafafeaa4d12fdc78dc",
"versionType": "git"
},
{
"lessThan": "7c42ce556ff65995c8875c9ed64141c14238e7e6",
"status": "affected",
"version": "416d82204df44ef727de6eafafeaa4d12fdc78dc",
"versionType": "git"
},
{
"lessThan": "9f21886370db451b0fdc651f6e41550a1da70601",
"status": "affected",
"version": "416d82204df44ef727de6eafafeaa4d12fdc78dc",
"versionType": "git"
},
{
"lessThan": "36810d2db3496bb8b4db7ccda666674a5efc7b47",
"status": "affected",
"version": "416d82204df44ef727de6eafafeaa4d12fdc78dc",
"versionType": "git"
},
{
"lessThan": "bba4250757b4ae1680fea435a358d8093f254094",
"status": "affected",
"version": "416d82204df44ef727de6eafafeaa4d12fdc78dc",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/crypto/hisilicon/sec2/sec_crypto.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.5"
},
{
"lessThan": "5.5",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.162",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.96",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.36",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"version": "6.9.7",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.162",
"versionStartIncluding": "5.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.96",
"versionStartIncluding": "5.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.36",
"versionStartIncluding": "5.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.9.7",
"versionStartIncluding": "5.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.10",
"versionStartIncluding": "5.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: hisilicon/sec - Fix memory leak for sec resource release\n\nThe AIV is one of the SEC resources. When releasing resources,\nit need to release the AIV resources at the same time.\nOtherwise, memory leakage occurs.\n\nThe aiv resource release is added to the sec resource release\nfunction."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T20:24:07.822Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/a886bcb0f67d1e3d6b2da25b3519de59098200c2"
},
{
"url": "https://git.kernel.org/stable/c/7c42ce556ff65995c8875c9ed64141c14238e7e6"
},
{
"url": "https://git.kernel.org/stable/c/9f21886370db451b0fdc651f6e41550a1da70601"
},
{
"url": "https://git.kernel.org/stable/c/36810d2db3496bb8b4db7ccda666674a5efc7b47"
},
{
"url": "https://git.kernel.org/stable/c/bba4250757b4ae1680fea435a358d8093f254094"
}
],
"title": "crypto: hisilicon/sec - Fix memory leak for sec resource release",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-41002",
"datePublished": "2024-07-12T12:37:42.523Z",
"dateReserved": "2024-07-12T12:17:45.609Z",
"dateUpdated": "2026-05-11T20:24:07.822Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…