CVE-2024-45019

MEDIUM EPSS 6.9%
Published Sep 11, 20241y ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Sep 11, 2024 1y ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Take state lock during tx timeout reporter mlx5e_safe_reopen_channels() requires the state lock taken. The referenced changed in the Fixes tag removed the lock to fix another issue. This patch adds it back but at a later point (when calling mlx5e_safe_reopen_channels()) to avoid the deadlock referenced in the Fixes tag.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
6.9% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-667

Affected Products 6

VendorProductVersionRange
linuxlinux_kernel*≥6.1.69  –  <6.1.107
linuxlinux_kernel*≥6.6.8  –  <6.6.48
linuxlinux_kernel*≥6.7  –  <6.10.7
linuxlinux_kernel6.11any
linuxlinux_kernel6.11any
linuxlinux_kernel6.11any

References 5

  • git.kernel.org https://git.kernel.org/stable/c/03d3734bd692affe4d0e9c9d638f491aaf37411b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8e57e66ecbdd2fddc9fbf3e984b1c523b70e9809
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b3b9a87adee97854bcd71057901d46943076267e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e6b5afd30b99b43682a7764e1a74a42fe4d5f4b3
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/03d3734bd692affe4d0e9c9d638f491aaf37411b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8e57e66ecbdd2fddc9fbf3e984b1c523b70e9809
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b3b9a87adee97854bcd71057901d46943076267e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e6b5afd30b99b43682a7764e1a74a42fe4d5f4b3
    Patch