CVE-2024-40968
MIPS: Octeon: Add PCIe link status check
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS —EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
12 jul 2024Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
In the Linux kernel, the following vulnerability has been resolved:
MIPS: Octeon: Add PCIe link status check
The standard PCIe configuration read-write interface is used to
access the configuration space of the peripheral PCIe devices
of the mips processor after the PCIe link surprise down, it can
generate kernel panic caused by "Data bus error". So it is
necessary to add PCIe link status check for system protection.
When the PCIe link is down or in training, assigning a value
of 0 to the configuration address can prevent read-write behavior
to the configuration space of peripheral PCIe devices, thereby
preventing kernel panic.
Productos afectados
Linux · Linux¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
https://git.kernel.org/stable/c/1c33fd17383f48f679186c54df78542106deeaa0https://git.kernel.org/stable/c/25998f5613159fe35920dbd484fcac7ea3ad0799https://git.kernel.org/stable/c/29b83a64df3b42c88c0338696feb6fdcd7f1f3b7https://git.kernel.org/stable/c/38d647d509543e9434b3cc470b914348be271fe9https://git.kernel.org/stable/c/64845ac64819683ad5e51b668b2ed56ee3386aeehttps://git.kernel.org/stable/c/6bff05aaa32c2f7e1f6e68e890876642159db419https://git.kernel.org/stable/c/6c1b9fe148a4e03bbfa234267ebb89f35285814ahttps://git.kernel.org/stable/c/d996deb80398a90dd3c03590e68dad543da87d62https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html