Lucene search

416baaa9-dc9f-4396-8d5f-8c081fb06d67NVD:CVE-2024-42162

HistoryJul 30, 2024 - 8:15 a.m.

CVE-2024-42162

2024-07-3008:15:07

CWE-754

416baaa9-dc9f-4396-8d5f-8c081fb06d67

web.nvd.nist.gov

linux

kernel

gve driver

vulnerability

resolved

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

9.4%

JSON

In the Linux kernel, the following vulnerability has been resolved:

gve: Account for stopped queues when reading NIC stats

We now account for the fact that the NIC might send us stats for a
subset of queues. Without this change, gve_get_ethtool_stats might make
an invalid access on the priv->stats_report->stats array.

Affected configurations

Nvd

Node

linuxlinux_kernelRange5.3–6.9.9

VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
linux	linux_kernel	*	cpe:2.3:o:linux:linux_kernel::::::::

References

git.kernel.org/stable/c/32675d828c8a392e20d5b42375ed112c407e4b62

git.kernel.org/stable/c/af9bcf910b1f86244f39e15e701b2dc564b469a6

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

9.4%

JSON

Related for NVD:CVE-2024-42162