CVE-2024-35837

net: mvpp2: clear BM pool before initialization

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved:

net: mvpp2: clear BM pool before initialization

Register value persist after booting the kernel using
kexec which results in kernel panic. Thus clear the
BM pool registers before initialisation to fix the issue.

En el kernel de Linux, se resolvió la siguiente vulnerabilidad: net: mvpp2: borre el grupo de BM antes de la inicialización. El valor del registro persiste después de iniciar el kernel usando kexec, lo que genera pánico en el kernel. Por lo tanto, borre los registros del grupo BM antes de la inicialización para solucionar el problema.

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-05-17 CVE Reserved
2024-05-17 CVE Published
2024-05-18 EPSS Updated
2024-08-02 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (8)

URL	Tag	Source
https://git.kernel.org/stable/c/3f518509dedc99f0b755d2ce68d24f610e3a005a	Vuln. Introduced
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/83f99138bf3b396f761600ab488054396fb5768f	2024-02-23
https://git.kernel.org/stable/c/af47faa6d3328406038b731794e7cf508c71affa	2024-02-23
https://git.kernel.org/stable/c/cec65f09c47d8c2d67f2bcad6cf05c490628d1ec	2024-02-01
https://git.kernel.org/stable/c/938729484cfa535e9987ed0f86f29a2ae3a8188b	2024-02-01
https://git.kernel.org/stable/c/dc77f6ab5c3759df60ff87ed24f4d45df0f3b4c4	2024-02-01
https://git.kernel.org/stable/c/9f538b415db862e74b8c5d3abbccfc1b2b6caa38	2024-01-24

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.17 < 5.10.210 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.17 < 5.10.210"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.17 < 5.15.149 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.17 < 5.15.149"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.17 < 6.1.76 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.17 < 6.1.76"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.17 < 6.6.15 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.17 < 6.6.15"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.17 < 6.7.3 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.17 < 6.7.3"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.17 < 6.8 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.17 < 6.8"		en		Affected