CVE-2024-53110

Severity: Medium · CVSS 3.1: 5.5 · EPSS 14.2%
Published Dec 2, 2024 · Last Modified Jun 17, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

vp_vdpa: fix id_table array not null terminated error

Allocate one extra virtio_device_id as null terminator, otherwise vdpa_mgmtdev_get_classes() may iterate multiple times and visit undefined memory.

CVSS Details

Base Score: 5.5
Exploitability: 1.8
Impact: 3.6
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High

Threat Intelligence

EPSS Exploit Probability
14.2% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 10

Vendor  Product       Version  Range
linux   linux_kernel  *        ≥5.19 – <6.1.119
linux   linux_kernel  *        ≥6.2 – <6.6.63
linux   linux_kernel  *        ≥6.7 – <6.11.10
linux   linux_kernel  6.12     any
linux   linux_kernel  6.12     any
linux   linux_kernel  6.12     any
linux   linux_kernel  6.12     any
linux   linux_kernel  6.12     any
linux   linux_kernel  6.12     any
linux   linux_kernel  6.12     any

References 5

  • git.kernel.org https://git.kernel.org/stable/c/0a886489d274596ad1a80789d3a773503210a615
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4e39ecadf1d2a08187139619f1f314b64ba7d947
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/870d68fe17b5d9032049dcad98b5781a344a8657
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c4d64534d4b1c47d2f1ce427497f971ad4735aae
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/0a886489d274596ad1a80789d3a773503210a615
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4e39ecadf1d2a08187139619f1f314b64ba7d947
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/870d68fe17b5d9032049dcad98b5781a344a8657
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c4d64534d4b1c47d2f1ce427497f971ad4735aae
    Patch