CVE-2024-56721

Summary

In the Linux kernel, the following vulnerability has been resolved:

x86/CPU/AMD: Terminate the erratum_1386_microcode array

The erratum_1386_microcode array requires an empty entry at the end. Otherwise x86_match_cpu_with_stepping() will continue iterate the array after it ended.

Add an empty entry to erratum_1386_microcode to its end.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux29ba89f1895285f06c333546882e0c5ae9a6df23 < 82d6b82cf89d950982ac240ba068c3a7e1f23b0aaffected
LinuxLinux29ba89f1895285f06c333546882e0c5ae9a6df23 < ccfee14f08b8699132b87bc6d78e0fa75bf094ddaffected
LinuxLinux29ba89f1895285f06c333546882e0c5ae9a6df23 < ff6cdc407f4179748f4673c39b0921503199a0adaffected
LinuxLinux6.10affected
LinuxLinux0 < 6.10unaffected
LinuxLinux6.11.11 <= 6.11.*unaffected
LinuxLinux6.12.2 <= 6.12.*unaffected
LinuxLinux6.13 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References