CVE-2024-42291

MEDIUM · CVSS 3.1: 5.5 · EPSS 13.2%
Published Aug 17, 2024 · Modified Jun 17, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

ice: Add a per-VF limit on number of FDIR filters

While the iavf driver adds a s/w limit (128) on the number of FDIR filters that the VF can request, a malicious VF driver can request more than that and exhaust the resources for other VFs.

Add a similar limit in ice.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
13.2% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 4

Vendor   Product        Version   Range
linux    linux_kernel   *         ≥5.13 – <5.15.172
linux    linux_kernel   *         ≥5.16 – <6.1.103
linux    linux_kernel   *         ≥6.2 – <6.6.44
linux    linux_kernel   *         ≥6.7 – <6.10.3

References 6

  • git.kernel.org https://git.kernel.org/stable/c/292081c4e7f575a79017d5cbe1a0ec042783976f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6ebbe97a488179f5dc85f2f1e0c89b486e99ee97
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8e02cd98a6e24389d476e28436d41e620ed8e559
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d62389073a5b937413e2d1bc1da06ccff5103c0c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e81b674ead8e2172b2a69e7b45e079239ace4dbc
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/292081c4e7f575a79017d5cbe1a0ec042783976f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6ebbe97a488179f5dc85f2f1e0c89b486e99ee97
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8e02cd98a6e24389d476e28436d41e620ed8e559
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d62389073a5b937413e2d1bc1da06ccff5103c0c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e81b674ead8e2172b2a69e7b45e079239ace4dbc
    Patch