CVE-2024-42291

Summary

In the Linux kernel, the following vulnerability has been resolved:

ice: Add a per-VF limit on number of FDIR filters

While the iavf driver adds a s/w limit (128) on the number of FDIR filters that the VF can request, a malicious VF driver can request more than that and exhaust the resources for other VFs.

Add a similar limit in ice.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux1f7ea1cd6a3748427512ccc9582e18cd9efea966 < e81b674ead8e2172b2a69e7b45e079239ace4dbcaffected
LinuxLinux1f7ea1cd6a3748427512ccc9582e18cd9efea966 < 8e02cd98a6e24389d476e28436d41e620ed8e559affected
LinuxLinux1f7ea1cd6a3748427512ccc9582e18cd9efea966 < d62389073a5b937413e2d1bc1da06ccff5103c0caffected
LinuxLinux1f7ea1cd6a3748427512ccc9582e18cd9efea966 < 292081c4e7f575a79017d5cbe1a0ec042783976faffected
LinuxLinux1f7ea1cd6a3748427512ccc9582e18cd9efea966 < 6ebbe97a488179f5dc85f2f1e0c89b486e99ee97affected
LinuxLinux5.13affected
LinuxLinux0 < 5.13unaffected
LinuxLinux5.15.172 <= 5.15.*unaffected
LinuxLinux6.1.103 <= 6.1.*unaffected
LinuxLinux6.6.44 <= 6.6.*unaffected
LinuxLinux6.10.3 <= 6.10.*unaffected
LinuxLinux6.11 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References