CVE-2024-40968
MIPS: Octeon: Add PCIe link status check
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
12 Jul 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
In the Linux kernel, the following vulnerability has been resolved:
MIPS: Octeon: Add PCIe link status check
The standard PCIe configuration read-write interface is used to
access the configuration space of the peripheral PCIe devices
of the mips processor after the PCIe link surprise down, it can
generate kernel panic caused by "Data bus error". So it is
necessary to add PCIe link status check for system protection.
When the PCIe link is down or in training, assigning a value
of 0 to the configuration address can prevent read-write behavior
to the configuration space of peripheral PCIe devices, thereby
preventing kernel panic.
Affected products
Linux · LinuxWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://git.kernel.org/stable/c/1c33fd17383f48f679186c54df78542106deeaa0https://git.kernel.org/stable/c/25998f5613159fe35920dbd484fcac7ea3ad0799https://git.kernel.org/stable/c/29b83a64df3b42c88c0338696feb6fdcd7f1f3b7https://git.kernel.org/stable/c/38d647d509543e9434b3cc470b914348be271fe9https://git.kernel.org/stable/c/64845ac64819683ad5e51b668b2ed56ee3386aeehttps://git.kernel.org/stable/c/6bff05aaa32c2f7e1f6e68e890876642159db419https://git.kernel.org/stable/c/6c1b9fe148a4e03bbfa234267ebb89f35285814ahttps://git.kernel.org/stable/c/d996deb80398a90dd3c03590e68dad543da87d62https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html