github - ghsa-mq25-pcc6-7q99

ghsa-mq25-pcc6-7q99

Vulnerability from github

Published

2024-12-28 12:30

Modified

2025-10-06 18:31

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

In the Linux kernel, the following vulnerability has been resolved:

octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dmac_flt.c

Add error pointer checks after calling otx2_mbox_get_rsp().

Show details on source website

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-56707"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-12-28T10:15:19Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dmac_flt.c\n\nAdd error pointer checks after calling otx2_mbox_get_rsp().",
  "id": "GHSA-mq25-pcc6-7q99",
  "modified": "2025-10-06T18:31:01Z",
  "published": "2024-12-28T12:30:48Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56707"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/1611b1ea7cf8d07dff091a45389b10401bb6d5b3"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/20e06a5137a1174214bae3a29ce623e69455ee0f"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3ccbc7a518868eff1d5a198b9e454e182b651e00"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f5b942e6c54b13246ee49d42dcfb71b7f29e3c64"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/fc595472fbad96533ccbb7b9ebb82b743ec26829"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CVE-2024-56707 (GCVE-0-2024-56707)

Vulnerability from cvelistv5

Published

2024-12-28 09:46

Modified

2025-05-04 10:02

Severity ?

Summary

In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dmac_flt.c Add error pointer checks after calling otx2_mbox_get_rsp().

References

URL

Tags

	https://git.kernel.org/stable/c/1611b1ea7cf8d07dff091a45389b10401bb6d5b3
	https://git.kernel.org/stable/c/3ccbc7a518868eff1d5a198b9e454e182b651e00
	https://git.kernel.org/stable/c/20e06a5137a1174214bae3a29ce623e69455ee0f
	https://git.kernel.org/stable/c/fc595472fbad96533ccbb7b9ebb82b743ec26829
	https://git.kernel.org/stable/c/f5b942e6c54b13246ee49d42dcfb71b7f29e3c64

Impacted products

Vendor

Product

Version

Version: 79d2be385e9eabe4403eb85bcc7d3efc6b936a76
Version: 79d2be385e9eabe4403eb85bcc7d3efc6b936a76
Version: 79d2be385e9eabe4403eb85bcc7d3efc6b936a76
Version: 79d2be385e9eabe4403eb85bcc7d3efc6b936a76
Version: 79d2be385e9eabe4403eb85bcc7d3efc6b936a76

Version: 5.14

Show details on NVD website

To clipboard

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/marvell/octeontx2/nic/otx2_dmac_flt.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "1611b1ea7cf8d07dff091a45389b10401bb6d5b3",
              "status": "affected",
              "version": "79d2be385e9eabe4403eb85bcc7d3efc6b936a76",
              "versionType": "git"
            },
            {
              "lessThan": "3ccbc7a518868eff1d5a198b9e454e182b651e00",
              "status": "affected",
              "version": "79d2be385e9eabe4403eb85bcc7d3efc6b936a76",
              "versionType": "git"
            },
            {
              "lessThan": "20e06a5137a1174214bae3a29ce623e69455ee0f",
              "status": "affected",
              "version": "79d2be385e9eabe4403eb85bcc7d3efc6b936a76",
              "versionType": "git"
            },
            {
              "lessThan": "fc595472fbad96533ccbb7b9ebb82b743ec26829",
              "status": "affected",
              "version": "79d2be385e9eabe4403eb85bcc7d3efc6b936a76",
              "versionType": "git"
            },
            {
              "lessThan": "f5b942e6c54b13246ee49d42dcfb71b7f29e3c64",
              "status": "affected",
              "version": "79d2be385e9eabe4403eb85bcc7d3efc6b936a76",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/marvell/octeontx2/nic/otx2_dmac_flt.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.14"
            },
            {
              "lessThan": "5.14",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.120",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.11.*",
              "status": "unaffected",
              "version": "6.11.11",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.120",
                  "versionStartIncluding": "5.14",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.64",
                  "versionStartIncluding": "5.14",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.11.11",
                  "versionStartIncluding": "5.14",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.2",
                  "versionStartIncluding": "5.14",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.13",
                  "versionStartIncluding": "5.14",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dmac_flt.c\n\nAdd error pointer checks after calling otx2_mbox_get_rsp()."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-04T10:02:57.852Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/1611b1ea7cf8d07dff091a45389b10401bb6d5b3"
        },
        {
          "url": "https://git.kernel.org/stable/c/3ccbc7a518868eff1d5a198b9e454e182b651e00"
        },
        {
          "url": "https://git.kernel.org/stable/c/20e06a5137a1174214bae3a29ce623e69455ee0f"
        },
        {
          "url": "https://git.kernel.org/stable/c/fc595472fbad96533ccbb7b9ebb82b743ec26829"
        },
        {
          "url": "https://git.kernel.org/stable/c/f5b942e6c54b13246ee49d42dcfb71b7f29e3c64"
        }
      ],
      "title": "octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dmac_flt.c",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-56707",
    "datePublished": "2024-12-28T09:46:28.117Z",
    "dateReserved": "2024-12-27T15:00:39.857Z",
    "dateUpdated": "2025-05-04T10:02:57.852Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.