CVE-2024-56716

MEDIUM

Linux Kernel 5.5-6.12.7 DoS via nsim_dev_health_break_write Input Validation

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: netdevsim: prevent bad user input in nsim_dev_health_break_write() If either a zero count or a large one is provided, kernel can crash.

References (8)

Core 8

Core References

Mailing List

https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html

Mailing List

https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html

Patch

https://git.kernel.org/stable/c/81bdfcd6e6a998e219c9dd49ec7291c2e0594bbc

Patch

https://git.kernel.org/stable/c/b3a6daaf7cfb2de37b89fd7a5a2ad4ea9aa3e181

Patch

https://git.kernel.org/stable/c/d10321be26ff9e9e912697e9e8448099654ff561

Patch

https://git.kernel.org/stable/c/470c5ecbac2f19b1cdee2a6ce8d5650c3295c94b

Patch

https://git.kernel.org/stable/c/8e9ef6bdf71bf25f4735e0230ce1919de8985835

Patch

https://git.kernel.org/stable/c/ee76746387f6233bdfa93d7406990f923641568f

Scores

CVSS v3 5.5

EPSS 0.0020

EPSS Percentile 10.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-1284

Status published

Products (21)

linux/Kernel 5.11.0 - 5.15.176linux

linux/Kernel 5.16.0 - 6.1.122linux

linux/Kernel 5.5.0 - 5.10.233linux

linux/Kernel 6.2.0 - 6.6.68linux

linux/Kernel 6.7.0 - 6.12.7linux

Linux/Linux < 5.5

Linux/Linux 5.10.233 - 5.10.*

Linux/Linux 5.15.176 - 5.15.*

Linux/Linux 5.5

Linux/Linux 6.1.122 - 6.1.*

... and 11 more

Published Dec 29, 2024

Tracked Since Feb 18, 2026