Informazioni sul CVE-2024-36020
i40e: fix vf may be used uninitialized in this function warning
CWE ID: N/A
Base Score (CVSS): N/A
CVE: CVE-2024-36020
Descrizione: In the Linux kernel, the following vulnerability has been resolved: i40e: fix vf may be used uninitialized in this function warning To fix the regression introduced by commit 52424f974bc5, which causes servers to hang in very hard to reproduce conditions with resets races, the root cause is two sources of information. In this function, before the fix, bumping v didn’t mean bumping vf pointer. But the code used these variables interchangeably, so stale vf could point to different/not intended vf. Remove redundant “v” variable and iterate via single VF pointer across whole function instead to guarantee VF pointer validity.
Vettore di attacco
Punteggio CVSS
Il CVSS è un sistema di valutazione che misura la gravità di una vulnerabilità informatica considerando fattori come l’impatto potenziale, la probabilità di attacco e la facilità di esecuzione.
Riassunto: .
Dettaglio del Vettore
| Metrica | Valore | Significato | Descrizione |
|---|
Riferimenti esterni
- https://git.kernel.org/stable/c/cc9cd02dd9e8b7764ea9effb24f4f1dd73d1b23d
- https://git.kernel.org/stable/c/9dcf0fcb80f6aeb01469e3c957f8d4c97365450a
- https://git.kernel.org/stable/c/b8e82128b44fa40bf99a50b919488ef361e1683c
- https://git.kernel.org/stable/c/951d2748a2a8242853abc3d0c153ce4bf8faad31
- https://git.kernel.org/stable/c/3e89846283f3cf7c7a8e28b342576fd7c561d2ba
- https://git.kernel.org/stable/c/0dcf573f997732702917af1563aa2493dc772fc0
- https://git.kernel.org/stable/c/06df7618f591b2dc43c59967e294d7b9fc8675b6
- https://git.kernel.org/stable/c/f37c4eac99c258111d414d31b740437e1925b8e8
Prodotti interessati
- Linux – Linux
- Linux – Linux