Lucene search

GoogleOSV:CVE-2024-42225

HistoryJul 30, 2024 - 8:15 a.m.

CVE-2024-42225

2024-07-3008:15:07

Google

osv.dev

linux kernel

cve-2024-42225

mt76

wifi

vulnerability fix

uninitialized data

CVSS3

7.5

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

8.2

Confidence

High

JSON

In the Linux kernel, the following vulnerability has been resolved:

wifi: mt76: replace skb_put with skb_put_zero

Avoid potentially reusing uninitialized data

References

git.kernel.org/stable/c/22ea2a7f0b64d323625950414a4496520fb33657

git.kernel.org/stable/c/64f86337ccfe77fe3be5a9356b0dabde23fbb074

git.kernel.org/stable/c/7f819a2f4fbc510e088b49c79addcf1734503578

git.kernel.org/stable/c/dc7f14d00d0c4c21898f3504607f4a31079065a2

git.kernel.org/stable/c/ff6b26be13032c5fbd6b6a0b24358f8eaac4f3af

security-tracker.debian.org/tracker/CVE-2024-42225

CVSS3

7.5

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

8.2

Confidence

High

JSON

Related for OSV:CVE-2024-42225