CVE-2024-56721
7.1
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved:
x86/CPU/AMD: Terminate the erratum_1386_microcode array
The erratum_1386_microcode array requires an empty entry at the end. Otherwise x86_match_cpu_with_stepping() will continue iterate the array after it ended.
Add an empty entry to erratum_1386_microcode to its end.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 29ba89f1895285f06c333546882e0c5ae9a6df23 < 82d6b82cf89d950982ac240ba068c3a7e1f23b0a | affected |
| Linux | Linux | 29ba89f1895285f06c333546882e0c5ae9a6df23 < ccfee14f08b8699132b87bc6d78e0fa75bf094dd | affected |
| Linux | Linux | 29ba89f1895285f06c333546882e0c5ae9a6df23 < ff6cdc407f4179748f4673c39b0921503199a0ad | affected |
| Linux | Linux | 6.10 | affected |
| Linux | Linux | 0 < 6.10 | unaffected |
| Linux | Linux | 6.11.11 <= 6.11.* | unaffected |
| Linux | Linux | 6.12.2 <= 6.12.* | unaffected |
| Linux | Linux | 6.13 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/82d6b82cf89d950982ac240ba068c3a7e1f23b0a
- https://git.kernel.org/stable/c/ccfee14f08b8699132b87bc6d78e0fa75bf094dd
- https://git.kernel.org/stable/c/ff6cdc407f4179748f4673c39b0921503199a0ad
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.