CVE-2024-56707 - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dmac_flt.c Add error pointer checks after calling otx2_mbox_get_rsp().

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

References

Link	Providers
https://git.kernel.org/stable/c/1611b1ea7cf8d07dff091a45389b10401bb6d5b3
https://git.kernel.org/stable/c/20e06a5137a1174214bae3a29ce623e69455ee0f
https://git.kernel.org/stable/c/3ccbc7a518868eff1d5a198b9e454e182b651e00
https://git.kernel.org/stable/c/f5b942e6c54b13246ee49d42dcfb71b7f29e3c64
https://git.kernel.org/stable/c/fc595472fbad96533ccbb7b9ebb82b743ec26829
https://lore.kernel.org/linux-cve-announce/2024122838-CVE-2024-56707-783f@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2024-56707
https://www.cve.org/CVERecord?id=CVE-2024-56707

History

Thu, 13 Feb 2025 00:30:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-754
Metrics	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}`	cvssV3_1 `{'score': 4.4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H'}`

Mon, 30 Dec 2024 01:30:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2024122838-CVE-2024-56707-783f@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2024-56707 https://www.cve.org/CVERecord?id=CVE-2024-56707
Metrics	threat_severity `None`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}` threat_severity `Low`

Sat, 28 Dec 2024 10:00:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dmac_flt.c Add error pointer checks after calling otx2_mbox_get_rsp().
Title		octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dmac_flt.c
References		https://git.kernel.org/stable/c/1611b1ea7cf8d07dff091a45389b10401bb6d5b3 https://git.kernel.org/stable/c/20e06a5137a1174214bae3a29ce623e69455ee0f https://git.kernel.org/stable/c/3ccbc7a518868eff1d5a198b9e454e182b651e00 https://git.kernel.org/stable/c/f5b942e6c54b13246ee49d42dcfb71b7f29e3c64 https://git.kernel.org/stable/c/fc595472fbad96533ccbb7b9ebb82b743ec26829

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-12-28T09:46:28.117Z

Updated: 2025-05-04T10:02:57.852Z

Reserved: 2024-12-27T15:00:39.857Z

Link: CVE-2024-56707

Vulnrichment

No data.

NVD

Status : Received

Published: 2024-12-28T10:15:19.660

Modified: 2024-12-28T10:15:19.660

Link: CVE-2024-56707

Redhat

Severity : Low

Publid Date: 2024-12-28T00:00:00Z

Links: CVE-2024-56707 - Bugzilla

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object