cve-2024-40968
Vulnerability from cvelistv5
Published
2024-07-12 12:32
Modified
2024-11-05 09:34
Severity ?
Summary
MIPS: Octeon: Add PCIe link status check
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/1c33fd17383f48f679186c54df78542106deeaa0
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/25998f5613159fe35920dbd484fcac7ea3ad0799
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/29b83a64df3b42c88c0338696feb6fdcd7f1f3b7
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/38d647d509543e9434b3cc470b914348be271fe9
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/64845ac64819683ad5e51b668b2ed56ee3386aee
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/6bff05aaa32c2f7e1f6e68e890876642159db419
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/6c1b9fe148a4e03bbfa234267ebb89f35285814a
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/d996deb80398a90dd3c03590e68dad543da87d62
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/1c33fd17383f48f679186c54df78542106deeaa0
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/25998f5613159fe35920dbd484fcac7ea3ad0799
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/29b83a64df3b42c88c0338696feb6fdcd7f1f3b7
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/38d647d509543e9434b3cc470b914348be271fe9
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/64845ac64819683ad5e51b668b2ed56ee3386aee
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/6bff05aaa32c2f7e1f6e68e890876642159db419
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/6c1b9fe148a4e03bbfa234267ebb89f35285814a
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/d996deb80398a90dd3c03590e68dad543da87d62
Impacted products
Vendor Product Version
Linux Linux
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T04:39:56.133Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6bff05aaa32c2f7e1f6e68e890876642159db419"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/64845ac64819683ad5e51b668b2ed56ee3386aee"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6c1b9fe148a4e03bbfa234267ebb89f35285814a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/25998f5613159fe35920dbd484fcac7ea3ad0799"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d996deb80398a90dd3c03590e68dad543da87d62"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1c33fd17383f48f679186c54df78542106deeaa0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/38d647d509543e9434b3cc470b914348be271fe9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/29b83a64df3b42c88c0338696feb6fdcd7f1f3b7"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-40968",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T17:03:03.974651Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:34:22.885Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "arch/mips/pci/pcie-octeon.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "6bff05aaa32c",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "64845ac64819",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "6c1b9fe148a4",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "25998f561315",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "d996deb80398",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "1c33fd17383f",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "38d647d50954",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "29b83a64df3b",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "arch/mips/pci/pcie-octeon.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.317",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.279",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.221",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.162",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.96",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.36",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.9.*",
              "status": "unaffected",
              "version": "6.9.7",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.10",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nMIPS: Octeon: Add PCIe link status check\n\nThe standard PCIe configuration read-write interface is used to\naccess the configuration space of the peripheral PCIe devices\nof the mips processor after the PCIe link surprise down, it can\ngenerate kernel panic caused by \"Data bus error\". So it is\nnecessary to add PCIe link status check for system protection.\nWhen the PCIe link is down or in training, assigning a value\nof 0 to the configuration address can prevent read-write behavior\nto the configuration space of peripheral PCIe devices, thereby\npreventing kernel panic."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-05T09:34:09.980Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/6bff05aaa32c2f7e1f6e68e890876642159db419"
        },
        {
          "url": "https://git.kernel.org/stable/c/64845ac64819683ad5e51b668b2ed56ee3386aee"
        },
        {
          "url": "https://git.kernel.org/stable/c/6c1b9fe148a4e03bbfa234267ebb89f35285814a"
        },
        {
          "url": "https://git.kernel.org/stable/c/25998f5613159fe35920dbd484fcac7ea3ad0799"
        },
        {
          "url": "https://git.kernel.org/stable/c/d996deb80398a90dd3c03590e68dad543da87d62"
        },
        {
          "url": "https://git.kernel.org/stable/c/1c33fd17383f48f679186c54df78542106deeaa0"
        },
        {
          "url": "https://git.kernel.org/stable/c/38d647d509543e9434b3cc470b914348be271fe9"
        },
        {
          "url": "https://git.kernel.org/stable/c/29b83a64df3b42c88c0338696feb6fdcd7f1f3b7"
        }
      ],
      "title": "MIPS: Octeon: Add PCIe link status check",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-40968",
    "datePublished": "2024-07-12T12:32:07.476Z",
    "dateReserved": "2024-07-12T12:17:45.602Z",
    "dateUpdated": "2024-11-05T09:34:09.980Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-40968\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-07-12T13:15:18.553\",\"lastModified\":\"2024-11-21T09:31:58.297\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nMIPS: Octeon: Add PCIe link status check\\n\\nThe standard PCIe configuration read-write interface is used to\\naccess the configuration space of the peripheral PCIe devices\\nof the mips processor after the PCIe link surprise down, it can\\ngenerate kernel panic caused by \\\"Data bus error\\\". So it is\\nnecessary to add PCIe link status check for system protection.\\nWhen the PCIe link is down or in training, assigning a value\\nof 0 to the configuration address can prevent read-write behavior\\nto the configuration space of peripheral PCIe devices, thereby\\npreventing kernel panic.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: MIPS: Octeon: agregar verificaci\u00f3n de estado del enlace PCIe La interfaz de lectura y escritura de configuraci\u00f3n PCIe est\u00e1ndar se utiliza para acceder al espacio de configuraci\u00f3n de los dispositivos PCIe perif\u00e9ricos del procesador mips despu\u00e9s de la sorpresa del enlace PCIe. inactivo, puede generar p\u00e1nico en el kernel causado por un \\\"Error del bus de datos\\\". Por lo tanto, es necesario agregar una verificaci\u00f3n del estado del enlace PCIe para proteger el sistema. Cuando el enlace PCIe est\u00e1 inactivo o en entrenamiento, asignar un valor de 0 a la direcci\u00f3n de configuraci\u00f3n puede evitar el comportamiento de lectura y escritura en el espacio de configuraci\u00f3n de los dispositivos PCIe perif\u00e9ricos, evitando as\u00ed el p\u00e1nico del kernel.\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/1c33fd17383f48f679186c54df78542106deeaa0\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/25998f5613159fe35920dbd484fcac7ea3ad0799\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/29b83a64df3b42c88c0338696feb6fdcd7f1f3b7\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/38d647d509543e9434b3cc470b914348be271fe9\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/64845ac64819683ad5e51b668b2ed56ee3386aee\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/6bff05aaa32c2f7e1f6e68e890876642159db419\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/6c1b9fe148a4e03bbfa234267ebb89f35285814a\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/d996deb80398a90dd3c03590e68dad543da87d62\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/1c33fd17383f48f679186c54df78542106deeaa0\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/25998f5613159fe35920dbd484fcac7ea3ad0799\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/29b83a64df3b42c88c0338696feb6fdcd7f1f3b7\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/38d647d509543e9434b3cc470b914348be271fe9\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/64845ac64819683ad5e51b668b2ed56ee3386aee\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/6bff05aaa32c2f7e1f6e68e890876642159db419\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/6c1b9fe148a4e03bbfa234267ebb89f35285814a\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/d996deb80398a90dd3c03590e68dad543da87d62\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.