CVE-2024-56716

Summary

In the Linux kernel, the following vulnerability has been resolved:

netdevsim: prevent bad user input in nsim_dev_health_break_write()

If either a zero count or a large one is provided, kernel can crash.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux82c93a87bf8bc0cdb5ec2ab99da7d87715ff889f < 81bdfcd6e6a998e219c9dd49ec7291c2e0594bbcaffected
LinuxLinux82c93a87bf8bc0cdb5ec2ab99da7d87715ff889f < b3a6daaf7cfb2de37b89fd7a5a2ad4ea9aa3e181affected
LinuxLinux82c93a87bf8bc0cdb5ec2ab99da7d87715ff889f < d10321be26ff9e9e912697e9e8448099654ff561affected
LinuxLinux82c93a87bf8bc0cdb5ec2ab99da7d87715ff889f < 470c5ecbac2f19b1cdee2a6ce8d5650c3295c94baffected
LinuxLinux82c93a87bf8bc0cdb5ec2ab99da7d87715ff889f < 8e9ef6bdf71bf25f4735e0230ce1919de8985835affected
LinuxLinux82c93a87bf8bc0cdb5ec2ab99da7d87715ff889f < ee76746387f6233bdfa93d7406990f923641568faffected
LinuxLinux5.5affected
LinuxLinux0 < 5.5unaffected
LinuxLinux5.10.233 <= 5.10.*unaffected
LinuxLinux5.15.176 <= 5.15.*unaffected
LinuxLinux6.1.122 <= 6.1.*unaffected
LinuxLinux6.6.68 <= 6.6.*unaffected
LinuxLinux6.12.7 <= 6.12.*unaffected
LinuxLinux6.13 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References