Risk | Low |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2024-36934 |
CWE-ID | CWE-125 |
Exploitation vector | Local |
Public exploit | N/A |
Vulnerable software Subscribe |
Linux kernel Operating systems & Components / Operating system |
Vendor | Linux Foundation |
Security Bulletin
This security bulletin contains one low risk vulnerability.
EUVDB-ID: #VU90266
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-36934
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the bnad_debugfs_write_regrd() and bnad_debugfs_write_regwr() functions in drivers/net/ethernet/brocade/bna/bnad_debugfs.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsLinux kernel: All versions
External linkshttp://git.kernel.org/stable/c/bd502ba81cd1d515deddad7dbc6b812b14b97147
http://git.kernel.org/stable/c/80578ec10335bc15ac35fd1703c22aab34e39fdd
http://git.kernel.org/stable/c/6f0f19b79c085cc891c418b768f26f7004bd51a4
http://git.kernel.org/stable/c/0f560240b4cc25d3de527deb257cdf072c0102a9
http://git.kernel.org/stable/c/06cb37e2ba6441888f24566a997481d4197b4e32
http://git.kernel.org/stable/c/e19478763154674c084defc62ae0d64d79657f91
http://git.kernel.org/stable/c/1518b2b498a0109eb6b15755169d3b6607356b35
http://git.kernel.org/stable/c/8c34096c7fdf272fd4c0c37fe411cd2e3ed0ee9f
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.