Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2024-AVI-1031
Vulnerability from certfr_avis - Published: 2024-11-29 - Updated: 2024-11-29
De multiples vulnérabilités ont été découvertes dans le noyau Linux de Debian. Elles permettent à un attaquant de provoquer une élévation de privilèges, une atteinte à la confidentialité des données et un déni de service.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Debian bookworm versions ant\u00e9rieures \u00e0 6.1.119-1",
"product": {
"name": "N/A",
"vendor": {
"name": "Debian",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-53061",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53061"
},
{
"name": "CVE-2024-53052",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53052"
},
{
"name": "CVE-2024-53042",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53042"
},
{
"name": "CVE-2024-50262",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50262"
},
{
"name": "CVE-2024-50268",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50268"
},
{
"name": "CVE-2024-50243",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50243"
},
{
"name": "CVE-2024-53054",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53054"
},
{
"name": "CVE-2024-53055",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53055"
},
{
"name": "CVE-2024-43868",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43868"
},
{
"name": "CVE-2024-49950",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49950"
},
{
"name": "CVE-2024-50286",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50286"
},
{
"name": "CVE-2024-50302",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50302"
},
{
"name": "CVE-2024-50267",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50267"
},
{
"name": "CVE-2024-50228",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50228"
},
{
"name": "CVE-2024-50269",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50269"
},
{
"name": "CVE-2024-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53057"
},
{
"name": "CVE-2024-50257",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50257"
},
{
"name": "CVE-2024-53066",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53066"
},
{
"name": "CVE-2024-50295",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50295"
},
{
"name": "CVE-2024-53063",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53063"
},
{
"name": "CVE-2024-50249",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50249"
},
{
"name": "CVE-2024-49974",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49974"
},
{
"name": "CVE-2024-50233",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50233"
},
{
"name": "CVE-2024-49960",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49960"
},
{
"name": "CVE-2024-50292",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50292"
},
{
"name": "CVE-2024-50012",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50012"
},
{
"name": "CVE-2024-50244",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50244"
},
{
"name": "CVE-2024-50072",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50072"
},
{
"name": "CVE-2024-50283",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50283"
},
{
"name": "CVE-2024-50247",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50247"
},
{
"name": "CVE-2024-50296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50296"
},
{
"name": "CVE-2024-50284",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50284"
},
{
"name": "CVE-2024-36915",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36915"
},
{
"name": "CVE-2024-50237",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50237"
},
{
"name": "CVE-2024-50264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50264"
},
{
"name": "CVE-2024-50230",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50230"
},
{
"name": "CVE-2024-50276",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50276"
},
{
"name": "CVE-2024-53058",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53058"
},
{
"name": "CVE-2024-50272",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50272"
},
{
"name": "CVE-2024-50261",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50261"
},
{
"name": "CVE-2024-53088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53088"
},
{
"name": "CVE-2024-49986",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49986"
},
{
"name": "CVE-2024-50290",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50290"
},
{
"name": "CVE-2024-50242",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50242"
},
{
"name": "CVE-2024-50265",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50265"
},
{
"name": "CVE-2024-53082",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53082"
},
{
"name": "CVE-2024-50282",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50282"
},
{
"name": "CVE-2024-50273",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50273"
},
{
"name": "CVE-2024-35964",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35964"
},
{
"name": "CVE-2024-50280",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50280"
},
{
"name": "CVE-2024-53081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53081"
},
{
"name": "CVE-2024-50259",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50259"
},
{
"name": "CVE-2024-50215",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50215"
},
{
"name": "CVE-2024-50235",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50235"
},
{
"name": "CVE-2024-26952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26952"
},
{
"name": "CVE-2024-50287",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50287"
},
{
"name": "CVE-2022-45888",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45888"
},
{
"name": "CVE-2024-36244",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36244"
},
{
"name": "CVE-2024-50278",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50278"
},
{
"name": "CVE-2024-53072",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53072"
},
{
"name": "CVE-2024-38553",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38553"
},
{
"name": "CVE-2024-53043",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53043"
},
{
"name": "CVE-2024-50036",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50036"
},
{
"name": "CVE-2024-50256",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50256"
},
{
"name": "CVE-2024-50232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50232"
},
{
"name": "CVE-2024-50252",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50252"
},
{
"name": "CVE-2024-50251",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50251"
},
{
"name": "CVE-2024-36923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36923"
},
{
"name": "CVE-2024-41080",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41080"
},
{
"name": "CVE-2024-50236",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50236"
},
{
"name": "CVE-2024-42322",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42322"
},
{
"name": "CVE-2024-36478",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36478"
},
{
"name": "CVE-2024-50271",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50271"
},
{
"name": "CVE-2024-53070",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53070"
},
{
"name": "CVE-2024-50234",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50234"
},
{
"name": "CVE-2024-38540",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38540"
},
{
"name": "CVE-2024-50229",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50229"
},
{
"name": "CVE-2024-36914",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36914"
},
{
"name": "CVE-2024-50301",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50301"
},
{
"name": "CVE-2024-49991",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49991"
},
{
"name": "CVE-2024-43904",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43904"
},
{
"name": "CVE-2024-50126",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50126"
},
{
"name": "CVE-2024-50067",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50067"
},
{
"name": "CVE-2024-53060",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53060"
},
{
"name": "CVE-2024-50250",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50250"
},
{
"name": "CVE-2024-26954",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26954"
},
{
"name": "CVE-2024-43911",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43911"
},
{
"name": "CVE-2024-53059",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53059"
},
{
"name": "CVE-2024-50299",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50299"
},
{
"name": "CVE-2024-50218",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50218"
},
{
"name": "CVE-2024-50279",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50279"
},
{
"name": "CVE-2024-50245",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50245"
},
{
"name": "CVE-2024-44949",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44949"
},
{
"name": "CVE-2023-52812",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52812"
},
{
"name": "CVE-2024-50255",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50255"
},
{
"name": "CVE-2024-53093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53093"
}
],
"initial_release_date": "2024-11-29T00:00:00",
"last_revision_date": "2024-11-29T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-1031",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-11-29T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de Debian. Elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un d\u00e9ni de service.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de Debian",
"vendor_advisories": [
{
"published_at": "2024-11-24",
"title": "Bulletin de s\u00e9curit\u00e9 Debian DSA-5818-1",
"url": "https://lists.debian.org/debian-security-announce/2024/msg00233.html"
}
]
}
CVE-2024-53070 (GCVE-0-2024-53070)
Vulnerability from cvelistv5 – Published: 2024-11-19 17:22 – Updated: 2026-05-11 20:50
VLAI
EPSS
Title
usb: dwc3: fix fault at system suspend if device was already runtime suspended
Summary
In the Linux kernel, the following vulnerability has been resolved:
usb: dwc3: fix fault at system suspend if device was already runtime suspended
If the device was already runtime suspended then during system suspend
we cannot access the device registers else it will crash.
Also we cannot access any registers after dwc3_core_exit() on some
platforms so move the dwc3_enable_susphy() call to the top.
Severity
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
6 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
073530898ebf44a9418434e899cfa9ca86945333 , < d9e65d461a9de037e7c9d584776d025cfce6d86d
(git)
Affected: 85ca88f93162acb94dbcb26d0ee2b145864d14a1 , < 562804b1561cc248cc37746a1c96c83cab1d7209 (git) Affected: 4fad7370086797afe6471493e3a5f36add8c48a7 , < 4abc5ee334fe4aba50461c45fdaaa4c5e5c57789 (git) Affected: a690a9e38e6ba819789074388de7cff06425ef5b , < 06b98197b69e2f2af9cb1991ee0b1c876edf7b86 (git) Affected: 705e3ce37bccdf2ed6f848356ff355f480d51a91 , < 9cfb31e4c89d200d8ab7cb1e0bb9e6e8d621ca0b (git) |
|
| Linux | Linux |
Affected:
5.15.170 , < 5.15.172
(semver)
Affected: 6.1.115 , < 6.1.117 (semver) Affected: 6.6.59 , < 6.6.61 (semver) Affected: 6.11.5 , < 6.11.8 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-53070",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-01T20:12:26.967157Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-01T20:17:16.327Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T22:29:00.720Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/usb/dwc3/core.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "d9e65d461a9de037e7c9d584776d025cfce6d86d",
"status": "affected",
"version": "073530898ebf44a9418434e899cfa9ca86945333",
"versionType": "git"
},
{
"lessThan": "562804b1561cc248cc37746a1c96c83cab1d7209",
"status": "affected",
"version": "85ca88f93162acb94dbcb26d0ee2b145864d14a1",
"versionType": "git"
},
{
"lessThan": "4abc5ee334fe4aba50461c45fdaaa4c5e5c57789",
"status": "affected",
"version": "4fad7370086797afe6471493e3a5f36add8c48a7",
"versionType": "git"
},
{
"lessThan": "06b98197b69e2f2af9cb1991ee0b1c876edf7b86",
"status": "affected",
"version": "a690a9e38e6ba819789074388de7cff06425ef5b",
"versionType": "git"
},
{
"lessThan": "9cfb31e4c89d200d8ab7cb1e0bb9e6e8d621ca0b",
"status": "affected",
"version": "705e3ce37bccdf2ed6f848356ff355f480d51a91",
"versionType": "git"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/usb/dwc3/core.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "5.15.172",
"status": "affected",
"version": "5.15.170",
"versionType": "semver"
},
{
"lessThan": "6.1.117",
"status": "affected",
"version": "6.1.115",
"versionType": "semver"
},
{
"lessThan": "6.6.61",
"status": "affected",
"version": "6.6.59",
"versionType": "semver"
},
{
"lessThan": "6.11.8",
"status": "affected",
"version": "6.11.5",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.172",
"versionStartIncluding": "5.15.170",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.117",
"versionStartIncluding": "6.1.115",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.61",
"versionStartIncluding": "6.6.59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.11.8",
"versionStartIncluding": "6.11.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc3: fix fault at system suspend if device was already runtime suspended\n\nIf the device was already runtime suspended then during system suspend\nwe cannot access the device registers else it will crash.\n\nAlso we cannot access any registers after dwc3_core_exit() on some\nplatforms so move the dwc3_enable_susphy() call to the top."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T20:50:16.401Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/d9e65d461a9de037e7c9d584776d025cfce6d86d"
},
{
"url": "https://git.kernel.org/stable/c/562804b1561cc248cc37746a1c96c83cab1d7209"
},
{
"url": "https://git.kernel.org/stable/c/4abc5ee334fe4aba50461c45fdaaa4c5e5c57789"
},
{
"url": "https://git.kernel.org/stable/c/06b98197b69e2f2af9cb1991ee0b1c876edf7b86"
},
{
"url": "https://git.kernel.org/stable/c/9cfb31e4c89d200d8ab7cb1e0bb9e6e8d621ca0b"
}
],
"title": "usb: dwc3: fix fault at system suspend if device was already runtime suspended",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-53070",
"datePublished": "2024-11-19T17:22:37.706Z",
"dateReserved": "2024-11-19T17:17:24.976Z",
"dateUpdated": "2026-05-11T20:50:16.401Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-53072 (GCVE-0-2024-53072)
Vulnerability from cvelistv5 – Published: 2024-11-19 17:22 – Updated: 2026-05-11 20:50
VLAI
EPSS
Title
platform/x86/amd/pmc: Detect when STB is not available
Summary
In the Linux kernel, the following vulnerability has been resolved:
platform/x86/amd/pmc: Detect when STB is not available
Loading the amd_pmc module as:
amd_pmc enable_stb=1
...can result in the following messages in the kernel ring buffer:
amd_pmc AMDI0009:00: SMU cmd failed. err: 0xff
ioremap on RAM at 0x0000000000000000 - 0x0000000000ffffff
WARNING: CPU: 10 PID: 2151 at arch/x86/mm/ioremap.c:217 __ioremap_caller+0x2cd/0x340
Further debugging reveals that this occurs when the requests for
S2D_PHYS_ADDR_LOW and S2D_PHYS_ADDR_HIGH return a value of 0,
indicating that the STB is inaccessible. To prevent the ioremap
warning and provide clarity to the user, handle the invalid address
and display an error message.
Severity
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
3d7d407dfb05b257e15cb0c6b056428a4a8c2e5d , < a50863dd1f92d43c975ab2ecc3476617fe98a66e
(git)
Affected: 3d7d407dfb05b257e15cb0c6b056428a4a8c2e5d , < 7a3ed3f125292bc3398e04d10108124250892e3f (git) Affected: 3d7d407dfb05b257e15cb0c6b056428a4a8c2e5d , < 67ff30e24a0466bdd5be1d0b84385ec3c85fdacd (git) Affected: 3d7d407dfb05b257e15cb0c6b056428a4a8c2e5d , < bceec87a73804bb4c33b9a6c96e2d27cd893a801 (git) |
|
| Linux | Linux |
Affected:
5.18
Unaffected: 0 , < 5.18 (semver) Unaffected: 6.1.117 , ≤ 6.1.* (semver) Unaffected: 6.6.61 , ≤ 6.6.* (semver) Unaffected: 6.11.8 , ≤ 6.11.* (semver) Unaffected: 6.12 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-53072",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-01T20:12:20.427844Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-01T20:17:16.038Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T22:29:02.256Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/platform/x86/amd/pmc/pmc.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "a50863dd1f92d43c975ab2ecc3476617fe98a66e",
"status": "affected",
"version": "3d7d407dfb05b257e15cb0c6b056428a4a8c2e5d",
"versionType": "git"
},
{
"lessThan": "7a3ed3f125292bc3398e04d10108124250892e3f",
"status": "affected",
"version": "3d7d407dfb05b257e15cb0c6b056428a4a8c2e5d",
"versionType": "git"
},
{
"lessThan": "67ff30e24a0466bdd5be1d0b84385ec3c85fdacd",
"status": "affected",
"version": "3d7d407dfb05b257e15cb0c6b056428a4a8c2e5d",
"versionType": "git"
},
{
"lessThan": "bceec87a73804bb4c33b9a6c96e2d27cd893a801",
"status": "affected",
"version": "3d7d407dfb05b257e15cb0c6b056428a4a8c2e5d",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/platform/x86/amd/pmc/pmc.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.18"
},
{
"lessThan": "5.18",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.117",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.61",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.11.*",
"status": "unaffected",
"version": "6.11.8",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.12",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.117",
"versionStartIncluding": "5.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.61",
"versionStartIncluding": "5.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.11.8",
"versionStartIncluding": "5.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12",
"versionStartIncluding": "5.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86/amd/pmc: Detect when STB is not available\n\nLoading the amd_pmc module as:\n\n amd_pmc enable_stb=1\n\n...can result in the following messages in the kernel ring buffer:\n\n amd_pmc AMDI0009:00: SMU cmd failed. err: 0xff\n ioremap on RAM at 0x0000000000000000 - 0x0000000000ffffff\n WARNING: CPU: 10 PID: 2151 at arch/x86/mm/ioremap.c:217 __ioremap_caller+0x2cd/0x340\n\nFurther debugging reveals that this occurs when the requests for\nS2D_PHYS_ADDR_LOW and S2D_PHYS_ADDR_HIGH return a value of 0,\nindicating that the STB is inaccessible. To prevent the ioremap\nwarning and provide clarity to the user, handle the invalid address\nand display an error message."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T20:50:18.652Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/a50863dd1f92d43c975ab2ecc3476617fe98a66e"
},
{
"url": "https://git.kernel.org/stable/c/7a3ed3f125292bc3398e04d10108124250892e3f"
},
{
"url": "https://git.kernel.org/stable/c/67ff30e24a0466bdd5be1d0b84385ec3c85fdacd"
},
{
"url": "https://git.kernel.org/stable/c/bceec87a73804bb4c33b9a6c96e2d27cd893a801"
}
],
"title": "platform/x86/amd/pmc: Detect when STB is not available",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-53072",
"datePublished": "2024-11-19T17:22:38.861Z",
"dateReserved": "2024-11-19T17:17:24.976Z",
"dateUpdated": "2026-05-11T20:50:18.652Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-53081 (GCVE-0-2024-53081)
Vulnerability from cvelistv5 – Published: 2024-11-19 17:45 – Updated: 2026-05-11 20:50
VLAI
EPSS
Title
media: ar0521: don't overflow when checking PLL values
Summary
In the Linux kernel, the following vulnerability has been resolved:
media: ar0521: don't overflow when checking PLL values
The PLL checks are comparing 64 bit integers with 32 bit
ones, as reported by Coverity. Depending on the values of
the variables, this may underflow.
Fix it ensuring that both sides of the expression are u64.
Severity
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-191 - Integer Underflow (Wrap or Wraparound)
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
852b50aeed153b513c0b36298559114fab0fab80 , < 5e1523076acf95b4ea68d19b6f27e6891267cc24
(git)
Affected: 852b50aeed153b513c0b36298559114fab0fab80 , < a244b82d0ae60326901f2b50c15e3118298b7ecd (git) Affected: 852b50aeed153b513c0b36298559114fab0fab80 , < 97ed0c0332d5525653668b31acf62ff1e6b50784 (git) Affected: 852b50aeed153b513c0b36298559114fab0fab80 , < 438d3085ba5b8b5bfa5290faa594e577f6ac9aa7 (git) |
|
| Linux | Linux |
Affected:
6.0
Unaffected: 0 , < 6.0 (semver) Unaffected: 6.1.117 , ≤ 6.1.* (semver) Unaffected: 6.6.61 , ≤ 6.6.* (semver) Unaffected: 6.11.8 , ≤ 6.11.* (semver) Unaffected: 6.12 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-53081",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-01T20:12:00.620890Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-191",
"description": "CWE-191 Integer Underflow (Wrap or Wraparound)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-01T20:17:14.868Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T22:29:03.802Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/media/i2c/ar0521.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "5e1523076acf95b4ea68d19b6f27e6891267cc24",
"status": "affected",
"version": "852b50aeed153b513c0b36298559114fab0fab80",
"versionType": "git"
},
{
"lessThan": "a244b82d0ae60326901f2b50c15e3118298b7ecd",
"status": "affected",
"version": "852b50aeed153b513c0b36298559114fab0fab80",
"versionType": "git"
},
{
"lessThan": "97ed0c0332d5525653668b31acf62ff1e6b50784",
"status": "affected",
"version": "852b50aeed153b513c0b36298559114fab0fab80",
"versionType": "git"
},
{
"lessThan": "438d3085ba5b8b5bfa5290faa594e577f6ac9aa7",
"status": "affected",
"version": "852b50aeed153b513c0b36298559114fab0fab80",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/media/i2c/ar0521.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.0"
},
{
"lessThan": "6.0",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.117",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.61",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.11.*",
"status": "unaffected",
"version": "6.11.8",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.12",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.117",
"versionStartIncluding": "6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.61",
"versionStartIncluding": "6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.11.8",
"versionStartIncluding": "6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12",
"versionStartIncluding": "6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: ar0521: don\u0027t overflow when checking PLL values\n\nThe PLL checks are comparing 64 bit integers with 32 bit\nones, as reported by Coverity. Depending on the values of\nthe variables, this may underflow.\n\nFix it ensuring that both sides of the expression are u64."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T20:50:29.201Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/5e1523076acf95b4ea68d19b6f27e6891267cc24"
},
{
"url": "https://git.kernel.org/stable/c/a244b82d0ae60326901f2b50c15e3118298b7ecd"
},
{
"url": "https://git.kernel.org/stable/c/97ed0c0332d5525653668b31acf62ff1e6b50784"
},
{
"url": "https://git.kernel.org/stable/c/438d3085ba5b8b5bfa5290faa594e577f6ac9aa7"
}
],
"title": "media: ar0521: don\u0027t overflow when checking PLL values",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-53081",
"datePublished": "2024-11-19T17:45:11.594Z",
"dateReserved": "2024-11-19T17:17:24.978Z",
"dateUpdated": "2026-05-11T20:50:29.201Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-53082 (GCVE-0-2024-53082)
Vulnerability from cvelistv5 – Published: 2024-11-19 17:45 – Updated: 2026-05-11 20:50
VLAI
EPSS
Title
virtio_net: Add hash_key_length check
Summary
In the Linux kernel, the following vulnerability has been resolved:
virtio_net: Add hash_key_length check
Add hash_key_length check in virtnet_probe() to avoid possible out of
bound errors when setting/reading the hash key.
Severity
7.1 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
c7114b1249fa3b5f3a434606ba4cc89c4a27d618 , < f3401e3c8d339ddb6ccb2e3d11ad634b7846a806
(git)
Affected: c7114b1249fa3b5f3a434606ba4cc89c4a27d618 , < af0aa8aecbe8985079232902894cc4cb62795691 (git) Affected: c7114b1249fa3b5f3a434606ba4cc89c4a27d618 , < 6a18a783b1fa590ad1ed785907263e4b86adcfe2 (git) Affected: c7114b1249fa3b5f3a434606ba4cc89c4a27d618 , < 3f7d9c1964fcd16d02a8a9d4fd6f6cb60c4cc530 (git) |
|
| Linux | Linux |
Affected:
5.18
Unaffected: 0 , < 5.18 (semver) Unaffected: 6.1.117 , ≤ 6.1.* (semver) Unaffected: 6.6.61 , ≤ 6.6.* (semver) Unaffected: 6.11.8 , ≤ 6.11.* (semver) Unaffected: 6.12 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-53082",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-01T20:11:57.489221Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-01T20:17:14.747Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T22:29:05.254Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/virtio_net.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "f3401e3c8d339ddb6ccb2e3d11ad634b7846a806",
"status": "affected",
"version": "c7114b1249fa3b5f3a434606ba4cc89c4a27d618",
"versionType": "git"
},
{
"lessThan": "af0aa8aecbe8985079232902894cc4cb62795691",
"status": "affected",
"version": "c7114b1249fa3b5f3a434606ba4cc89c4a27d618",
"versionType": "git"
},
{
"lessThan": "6a18a783b1fa590ad1ed785907263e4b86adcfe2",
"status": "affected",
"version": "c7114b1249fa3b5f3a434606ba4cc89c4a27d618",
"versionType": "git"
},
{
"lessThan": "3f7d9c1964fcd16d02a8a9d4fd6f6cb60c4cc530",
"status": "affected",
"version": "c7114b1249fa3b5f3a434606ba4cc89c4a27d618",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/virtio_net.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.18"
},
{
"lessThan": "5.18",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.117",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.61",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.11.*",
"status": "unaffected",
"version": "6.11.8",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.12",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.117",
"versionStartIncluding": "5.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.61",
"versionStartIncluding": "5.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.11.8",
"versionStartIncluding": "5.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12",
"versionStartIncluding": "5.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio_net: Add hash_key_length check\n\nAdd hash_key_length check in virtnet_probe() to avoid possible out of\nbound errors when setting/reading the hash key."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T20:50:30.325Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/f3401e3c8d339ddb6ccb2e3d11ad634b7846a806"
},
{
"url": "https://git.kernel.org/stable/c/af0aa8aecbe8985079232902894cc4cb62795691"
},
{
"url": "https://git.kernel.org/stable/c/6a18a783b1fa590ad1ed785907263e4b86adcfe2"
},
{
"url": "https://git.kernel.org/stable/c/3f7d9c1964fcd16d02a8a9d4fd6f6cb60c4cc530"
}
],
"title": "virtio_net: Add hash_key_length check",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-53082",
"datePublished": "2024-11-19T17:45:12.233Z",
"dateReserved": "2024-11-19T17:17:24.979Z",
"dateUpdated": "2026-05-11T20:50:30.325Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-53088 (GCVE-0-2024-53088)
Vulnerability from cvelistv5 – Published: 2024-11-19 17:45 – Updated: 2026-05-11 20:50
VLAI
EPSS
Title
i40e: fix race condition by adding filter's intermediate sync state
Summary
In the Linux kernel, the following vulnerability has been resolved:
i40e: fix race condition by adding filter's intermediate sync state
Fix a race condition in the i40e driver that leads to MAC/VLAN filters
becoming corrupted and leaking. Address the issue that occurs under
heavy load when multiple threads are concurrently modifying MAC/VLAN
filters by setting mac and port VLAN.
1. Thread T0 allocates a filter in i40e_add_filter() within
i40e_ndo_set_vf_port_vlan().
2. Thread T1 concurrently frees the filter in __i40e_del_filter() within
i40e_ndo_set_vf_mac().
3. Subsequently, i40e_service_task() calls i40e_sync_vsi_filters(), which
refers to the already freed filter memory, causing corruption.
Reproduction steps:
1. Spawn multiple VFs.
2. Apply a concurrent heavy load by running parallel operations to change
MAC addresses on the VFs and change port VLANs on the host.
3. Observe errors in dmesg:
"Error I40E_AQ_RC_ENOSPC adding RX filters on VF XX,
please set promiscuous on manually for VF XX".
Exact code for stable reproduction Intel can't open-source now.
The fix involves implementing a new intermediate filter state,
I40E_FILTER_NEW_SYNC, for the time when a filter is on a tmp_add_list.
These filters cannot be deleted from the hash list directly but
must be removed using the full process.
Severity
4.7 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Assigner
References
6 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
278e7d0b9d6864a9749b9473a273892aa1528621 , < 262dc6ea5f1eb18c4d08ad83d51222d0dd0dd42a
(git)
Affected: 278e7d0b9d6864a9749b9473a273892aa1528621 , < 7ad3fb3bfd43feb4e15c81dffd23ac4e55742791 (git) Affected: 278e7d0b9d6864a9749b9473a273892aa1528621 , < bf5f837d9fd27d32fb76df0a108babcaf4446ff1 (git) Affected: 278e7d0b9d6864a9749b9473a273892aa1528621 , < 6e046f4937474bc1b9fa980c1ad8f3253fc638f6 (git) Affected: 278e7d0b9d6864a9749b9473a273892aa1528621 , < f30490e9695ef7da3d0899c6a0293cc7cd373567 (git) |
|
| Linux | Linux |
Affected:
4.10
Unaffected: 0 , < 4.10 (semver) Unaffected: 5.15.172 , ≤ 5.15.* (semver) Unaffected: 6.1.117 , ≤ 6.1.* (semver) Unaffected: 6.6.61 , ≤ 6.6.* (semver) Unaffected: 6.11.8 , ≤ 6.11.* (semver) Unaffected: 6.12 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-53088",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-01T20:11:41.083931Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-362",
"description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-01T20:17:14.117Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T22:29:06.753Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/intel/i40e/i40e.h",
"drivers/net/ethernet/intel/i40e/i40e_debugfs.c",
"drivers/net/ethernet/intel/i40e/i40e_main.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "262dc6ea5f1eb18c4d08ad83d51222d0dd0dd42a",
"status": "affected",
"version": "278e7d0b9d6864a9749b9473a273892aa1528621",
"versionType": "git"
},
{
"lessThan": "7ad3fb3bfd43feb4e15c81dffd23ac4e55742791",
"status": "affected",
"version": "278e7d0b9d6864a9749b9473a273892aa1528621",
"versionType": "git"
},
{
"lessThan": "bf5f837d9fd27d32fb76df0a108babcaf4446ff1",
"status": "affected",
"version": "278e7d0b9d6864a9749b9473a273892aa1528621",
"versionType": "git"
},
{
"lessThan": "6e046f4937474bc1b9fa980c1ad8f3253fc638f6",
"status": "affected",
"version": "278e7d0b9d6864a9749b9473a273892aa1528621",
"versionType": "git"
},
{
"lessThan": "f30490e9695ef7da3d0899c6a0293cc7cd373567",
"status": "affected",
"version": "278e7d0b9d6864a9749b9473a273892aa1528621",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/intel/i40e/i40e.h",
"drivers/net/ethernet/intel/i40e/i40e_debugfs.c",
"drivers/net/ethernet/intel/i40e/i40e_main.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.10"
},
{
"lessThan": "4.10",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.172",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.117",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.61",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.11.*",
"status": "unaffected",
"version": "6.11.8",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.12",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.172",
"versionStartIncluding": "4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.117",
"versionStartIncluding": "4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.61",
"versionStartIncluding": "4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.11.8",
"versionStartIncluding": "4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12",
"versionStartIncluding": "4.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: fix race condition by adding filter\u0027s intermediate sync state\n\nFix a race condition in the i40e driver that leads to MAC/VLAN filters\nbecoming corrupted and leaking. Address the issue that occurs under\nheavy load when multiple threads are concurrently modifying MAC/VLAN\nfilters by setting mac and port VLAN.\n\n1. Thread T0 allocates a filter in i40e_add_filter() within\n i40e_ndo_set_vf_port_vlan().\n2. Thread T1 concurrently frees the filter in __i40e_del_filter() within\n i40e_ndo_set_vf_mac().\n3. Subsequently, i40e_service_task() calls i40e_sync_vsi_filters(), which\n refers to the already freed filter memory, causing corruption.\n\nReproduction steps:\n1. Spawn multiple VFs.\n2. Apply a concurrent heavy load by running parallel operations to change\n MAC addresses on the VFs and change port VLANs on the host.\n3. Observe errors in dmesg:\n\"Error I40E_AQ_RC_ENOSPC adding RX filters on VF XX,\n\tplease set promiscuous on manually for VF XX\".\n\nExact code for stable reproduction Intel can\u0027t open-source now.\n\nThe fix involves implementing a new intermediate filter state,\nI40E_FILTER_NEW_SYNC, for the time when a filter is on a tmp_add_list.\nThese filters cannot be deleted from the hash list directly but\nmust be removed using the full process."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T20:50:37.046Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/262dc6ea5f1eb18c4d08ad83d51222d0dd0dd42a"
},
{
"url": "https://git.kernel.org/stable/c/7ad3fb3bfd43feb4e15c81dffd23ac4e55742791"
},
{
"url": "https://git.kernel.org/stable/c/bf5f837d9fd27d32fb76df0a108babcaf4446ff1"
},
{
"url": "https://git.kernel.org/stable/c/6e046f4937474bc1b9fa980c1ad8f3253fc638f6"
},
{
"url": "https://git.kernel.org/stable/c/f30490e9695ef7da3d0899c6a0293cc7cd373567"
}
],
"title": "i40e: fix race condition by adding filter\u0027s intermediate sync state",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-53088",
"datePublished": "2024-11-19T17:45:16.169Z",
"dateReserved": "2024-11-19T17:17:24.980Z",
"dateUpdated": "2026-05-11T20:50:37.046Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-53093 (GCVE-0-2024-53093)
Vulnerability from cvelistv5 – Published: 2024-11-21 18:17 – Updated: 2026-05-11 20:50
VLAI
EPSS
Title
nvme-multipath: defer partition scanning
Summary
In the Linux kernel, the following vulnerability has been resolved:
nvme-multipath: defer partition scanning
We need to suppress the partition scan from occuring within the
controller's scan_work context. If a path error occurs here, the IO will
wait until a path becomes available or all paths are torn down, but that
action also occurs within scan_work, so it would deadlock. Defer the
partion scan to a different context that does not block scan_work.
Severity
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
32acab3181c7053c775ca128c3a5c6ce50197d7f , < 60de2e03f984cfbcdc12fa552f95087c35a05a98
(git)
Affected: 32acab3181c7053c775ca128c3a5c6ce50197d7f , < 4a57f42e5ed42cb8f1beb262c4f6d3e698939e4e (git) Affected: 32acab3181c7053c775ca128c3a5c6ce50197d7f , < a91b7eddf45afeeb9c5ece11dddff5de0921b00f (git) Affected: 32acab3181c7053c775ca128c3a5c6ce50197d7f , < 1f021341eef41e77a633186e9be5223de2ce5d48 (git) |
|
| Linux | Linux |
Affected:
4.15
Unaffected: 0 , < 4.15 (semver) Unaffected: 6.1.118 , ≤ 6.1.* (semver) Unaffected: 6.6.62 , ≤ 6.6.* (semver) Unaffected: 6.11.9 , ≤ 6.11.* (semver) Unaffected: 6.12 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-53093",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-01T20:11:24.276538Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-01T20:17:13.381Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T22:29:08.209Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/nvme/host/multipath.c",
"drivers/nvme/host/nvme.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "60de2e03f984cfbcdc12fa552f95087c35a05a98",
"status": "affected",
"version": "32acab3181c7053c775ca128c3a5c6ce50197d7f",
"versionType": "git"
},
{
"lessThan": "4a57f42e5ed42cb8f1beb262c4f6d3e698939e4e",
"status": "affected",
"version": "32acab3181c7053c775ca128c3a5c6ce50197d7f",
"versionType": "git"
},
{
"lessThan": "a91b7eddf45afeeb9c5ece11dddff5de0921b00f",
"status": "affected",
"version": "32acab3181c7053c775ca128c3a5c6ce50197d7f",
"versionType": "git"
},
{
"lessThan": "1f021341eef41e77a633186e9be5223de2ce5d48",
"status": "affected",
"version": "32acab3181c7053c775ca128c3a5c6ce50197d7f",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/nvme/host/multipath.c",
"drivers/nvme/host/nvme.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.15"
},
{
"lessThan": "4.15",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.118",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.62",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.11.*",
"status": "unaffected",
"version": "6.11.9",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.12",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.118",
"versionStartIncluding": "4.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.62",
"versionStartIncluding": "4.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.11.9",
"versionStartIncluding": "4.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12",
"versionStartIncluding": "4.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-multipath: defer partition scanning\n\nWe need to suppress the partition scan from occuring within the\ncontroller\u0027s scan_work context. If a path error occurs here, the IO will\nwait until a path becomes available or all paths are torn down, but that\naction also occurs within scan_work, so it would deadlock. Defer the\npartion scan to a different context that does not block scan_work."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T20:50:43.132Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/60de2e03f984cfbcdc12fa552f95087c35a05a98"
},
{
"url": "https://git.kernel.org/stable/c/4a57f42e5ed42cb8f1beb262c4f6d3e698939e4e"
},
{
"url": "https://git.kernel.org/stable/c/a91b7eddf45afeeb9c5ece11dddff5de0921b00f"
},
{
"url": "https://git.kernel.org/stable/c/1f021341eef41e77a633186e9be5223de2ce5d48"
}
],
"title": "nvme-multipath: defer partition scanning",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-53093",
"datePublished": "2024-11-21T18:17:09.807Z",
"dateReserved": "2024-11-19T17:17:24.982Z",
"dateUpdated": "2026-05-11T20:50:43.132Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…