CVE-2024-44944 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: use helper function to calculate expect ID Delete expectation path is missing a call to the nf_expect_get_id() helper function to calculate the expectation ID, otherwise LSB of the expectation object address is leaked to userspace.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Linux	Linux Kernel

Configuration 1 [-]

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:4.19.320:::::::*
	cpe:2.3:o:linux:linux_kernel:5.1:::::::*

No data.

References

Link	Providers
https://git.kernel.org/stable/c/24f407042cf90b0872de667460230d8d50c06c39
https://git.kernel.org/stable/c/27662b46f2adaa52c1665a82af4b21c42c4337fd
https://git.kernel.org/stable/c/5e2c24f7b0911b15c29aefce760bcf770542fb61
https://git.kernel.org/stable/c/64c0b8e64be8368617ef08dfc59a3160563a1435
https://git.kernel.org/stable/c/66e7650dbbb8e236e781c670b167edc81e771450
https://git.kernel.org/stable/c/74de442b8e12a207c07953ee068009a7701aff8f
https://git.kernel.org/stable/c/782161895eb4ac45cf7cfa8db375bd4766cb8299
https://git.kernel.org/stable/c/eb4ca1a97e08ff5b920664ba292e576257e2d184
https://lore.kernel.org/linux-cve-announce/2024083044-CVE-2024-44944-56c0@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2024-44944
https://www.cve.org/CVERecord?id=CVE-2024-44944
https://www.zerodayinitiative.com/advisories/ZDI-24-1182/

History

Mon, 28 Oct 2024 14:45:00 +0000

Type	Values Removed	Values Added
Metrics	threat_severity `Low`	threat_severity `Moderate`

Wed, 11 Sep 2024 13:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Tue, 10 Sep 2024 07:30:00 +0000

Type	Values Removed	Values Added
References		https://www.zerodayinitiative.com/advisories/ZDI-24-1182/

Tue, 03 Sep 2024 15:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Linux Linux linux Kernel
Weaknesses		CWE-401
CPEs		cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:4.19.320:::::::* cpe:2.3:o:linux:linux_kernel:5.1:::::::*
Vendors & Products		Linux Linux linux Kernel

Fri, 30 Aug 2024 15:15:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2024083044-CVE-2024-44944-56c0@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2024-44944 https://www.cve.org/CVERecord?id=CVE-2024-44944
Metrics	threat_severity `None`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}` threat_severity `Low`

Fri, 30 Aug 2024 08:00:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: use helper function to calculate expect ID Delete expectation path is missing a call to the nf_expect_get_id() helper function to calculate the expectation ID, otherwise LSB of the expectation object address is leaked to userspace.
Title		netfilter: ctnetlink: use helper function to calculate expect ID
References		https://git.kernel.org/stable/c/24f407042cf90b0872de667460230d8d50c06c39 https://git.kernel.org/stable/c/27662b46f2adaa52c1665a82af4b21c42c4337fd https://git.kernel.org/stable/c/5e2c24f7b0911b15c29aefce760bcf770542fb61 https://git.kernel.org/stable/c/64c0b8e64be8368617ef08dfc59a3160563a1435 https://git.kernel.org/stable/c/66e7650dbbb8e236e781c670b167edc81e771450 https://git.kernel.org/stable/c/74de442b8e12a207c07953ee068009a7701aff8f https://git.kernel.org/stable/c/782161895eb4ac45cf7cfa8db375bd4766cb8299 https://git.kernel.org/stable/c/eb4ca1a97e08ff5b920664ba292e576257e2d184

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-08-30T07:56:41.693Z

Updated: 2024-12-19T09:18:37.697Z

Reserved: 2024-08-21T05:34:56.665Z

Link: CVE-2024-44944

Vulnrichment

Updated: 2024-09-11T12:42:19.381Z

NVD

Status : Modified

Published: 2024-08-30T08:15:04.580

Modified: 2024-09-10T08:15:03.230

Link: CVE-2024-44944

Redhat

Severity : Moderate

Publid Date: 2024-08-30T00:00:00Z

Links: CVE-2024-44944 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-44944", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-08-21T05:34:56.665Z", "datePublished": "2024-08-30T07:56:41.693Z", "dateUpdated": "2024-12-19T09:18:37.697Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-12-19T09:18:37.697Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ctnetlink: use helper function to calculate expect ID\n\nDelete expectation path is missing a call to the nf_expect_get_id()\nhelper function to calculate the expectation ID, otherwise LSB of the\nexpectation object address is leaked to userspace."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/netfilter/nf_conntrack_netlink.c"], "versions": [{"version": "7b115755fb9d3aff0ddcd18a5c4d83381362acce", "lessThan": "66e7650dbbb8e236e781c670b167edc81e771450", "status": "affected", "versionType": "git"}, {"version": "3c79107631db1f7fd32cf3f7368e4672004a3010", "lessThan": "64c0b8e64be8368617ef08dfc59a3160563a1435", "status": "affected", "versionType": "git"}, {"version": "3c79107631db1f7fd32cf3f7368e4672004a3010", "lessThan": "eb4ca1a97e08ff5b920664ba292e576257e2d184", "status": "affected", "versionType": "git"}, {"version": "3c79107631db1f7fd32cf3f7368e4672004a3010", "lessThan": "5e2c24f7b0911b15c29aefce760bcf770542fb61", "status": "affected", "versionType": "git"}, {"version": "3c79107631db1f7fd32cf3f7368e4672004a3010", "lessThan": "24f407042cf90b0872de667460230d8d50c06c39", "status": "affected", "versionType": "git"}, {"version": "3c79107631db1f7fd32cf3f7368e4672004a3010", "lessThan": "27662b46f2adaa52c1665a82af4b21c42c4337fd", "status": "affected", "versionType": "git"}, {"version": "3c79107631db1f7fd32cf3f7368e4672004a3010", "lessThan": "74de442b8e12a207c07953ee068009a7701aff8f", "status": "affected", "versionType": "git"}, {"version": "3c79107631db1f7fd32cf3f7368e4672004a3010", "lessThan": "782161895eb4ac45cf7cfa8db375bd4766cb8299", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/netfilter/nf_conntrack_netlink.c"], "versions": [{"version": "5.1", "status": "affected"}, {"version": "0", "lessThan": "5.1", "status": "unaffected", "versionType": "semver"}, {"version": "4.19.320", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.282", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.224", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.165", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.103", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.44", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.10.3", "lessThanOrEqual": "6.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.11", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/66e7650dbbb8e236e781c670b167edc81e771450"}, {"url": "https://git.kernel.org/stable/c/64c0b8e64be8368617ef08dfc59a3160563a1435"}, {"url": "https://git.kernel.org/stable/c/eb4ca1a97e08ff5b920664ba292e576257e2d184"}, {"url": "https://git.kernel.org/stable/c/5e2c24f7b0911b15c29aefce760bcf770542fb61"}, {"url": "https://git.kernel.org/stable/c/24f407042cf90b0872de667460230d8d50c06c39"}, {"url": "https://git.kernel.org/stable/c/27662b46f2adaa52c1665a82af4b21c42c4337fd"}, {"url": "https://git.kernel.org/stable/c/74de442b8e12a207c07953ee068009a7701aff8f"}, {"url": "https://git.kernel.org/stable/c/782161895eb4ac45cf7cfa8db375bd4766cb8299"}, {"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1182/"}], "title": "netfilter: ctnetlink: use helper function to calculate expect ID", "x_generator": {"engine": "bippy-5f407fcff5a0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-44944", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:27:16.326567Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-12T17:33:16.802Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-44944", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:27:16.326567Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:19.381Z"}}], "cna": {"title": "netfilter: ctnetlink: use helper function to calculate expect ID", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "7b115755fb9d", "lessThan": "66e7650dbbb8", "versionType": "git"}, {"status": "affected", "version": "3c79107631db", "lessThan": "64c0b8e64be8", "versionType": "git"}, {"status": "affected", "version": "3c79107631db", "lessThan": "eb4ca1a97e08", "versionType": "git"}, {"status": "affected", "version": "3c79107631db", "lessThan": "5e2c24f7b091", "versionType": "git"}, {"status": "affected", "version": "3c79107631db", "lessThan": "24f407042cf9", "versionType": "git"}, {"status": "affected", "version": "3c79107631db", "lessThan": "27662b46f2ad", "versionType": "git"}, {"status": "affected", "version": "3c79107631db", "lessThan": "74de442b8e12", "versionType": "git"}, {"status": "affected", "version": "3c79107631db", "lessThan": "782161895eb4", "versionType": "git"}], "programFiles": ["net/netfilter/nf_conntrack_netlink.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "5.1"}, {"status": "unaffected", "version": "0", "lessThan": "5.1", "versionType": "custom"}, {"status": "unaffected", "version": "4.19.320", "versionType": "custom", "lessThanOrEqual": "4.19.*"}, {"status": "unaffected", "version": "5.4.282", "versionType": "custom", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.224", "versionType": "custom", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.165", "versionType": "custom", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.103", "versionType": "custom", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.44", "versionType": "custom", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.10.3", "versionType": "custom", "lessThanOrEqual": "6.10.*"}, {"status": "unaffected", "version": "6.11", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["net/netfilter/nf_conntrack_netlink.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/66e7650dbbb8e236e781c670b167edc81e771450"}, {"url": "https://git.kernel.org/stable/c/64c0b8e64be8368617ef08dfc59a3160563a1435"}, {"url": "https://git.kernel.org/stable/c/eb4ca1a97e08ff5b920664ba292e576257e2d184"}, {"url": "https://git.kernel.org/stable/c/5e2c24f7b0911b15c29aefce760bcf770542fb61"}, {"url": "https://git.kernel.org/stable/c/24f407042cf90b0872de667460230d8d50c06c39"}, {"url": "https://git.kernel.org/stable/c/27662b46f2adaa52c1665a82af4b21c42c4337fd"}, {"url": "https://git.kernel.org/stable/c/74de442b8e12a207c07953ee068009a7701aff8f"}, {"url": "https://git.kernel.org/stable/c/782161895eb4ac45cf7cfa8db375bd4766cb8299"}, {"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1182/"}], "x_generator": {"engine": "bippy-c9c4e1df01b2"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ctnetlink: use helper function to calculate expect ID\n\nDelete expectation path is missing a call to the nf_expect_get_id()\nhelper function to calculate the expectation ID, otherwise LSB of the\nexpectation object address is leaked to userspace."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-09-15T17:55:41.888Z"}}}, "cveMetadata": {"cveId": "CVE-2024-44944", "state": "PUBLISHED", "dateUpdated": "2024-09-15T17:55:41.888Z", "dateReserved": "2024-08-21T05:34:56.665Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-08-30T07:56:41.693Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "E51BE530-4BC0-4DAA-B144-7141C5472612", "versionEndExcluding": "5.4.282", "versionStartIncluding": "5.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "5CCEDF13-293D-4E64-B501-4409D0365AFE", "versionEndExcluding": "5.10.224", "versionStartIncluding": "5.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "B4E2B568-3171-41DE-B519-F2B1A3600D94", "versionEndExcluding": "5.15.165", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "E45EAC72-8329-4F99-8276-86AF9BB3496A", "versionEndExcluding": "6.1.103", "versionStartIncluding": "5.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "CC912330-6B41-4C6B-99AF-F3857FBACB6A", "versionEndExcluding": "6.6.44", "versionStartIncluding": "6.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "92D388F2-1EAF-4CFA-AC06-5B26D762EA7D", "versionEndExcluding": "6.10.3", "versionStartIncluding": "6.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:4.19.320:*:*:*:*:*:*:*", "matchCriteriaId": "05069577-131E-4BED-A060-A8AA4A8ED542", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "B3675F1D-512E-4507-A2CA-1A29D213E6D4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ctnetlink: use helper function to calculate expect ID\n\nDelete expectation path is missing a call to the nf_expect_get_id()\nhelper function to calculate the expectation ID, otherwise LSB of the\nexpectation object address is leaked to userspace."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: netfilter: ctnetlink: usar la funci\u00f3n auxiliar para calcular el ID de expectativa. Al eliminar la ruta de expectativa falta una llamada a la funci\u00f3n auxiliar nf_expect_get_id() para calcular el ID de expectativa; de lo contrario, el LSB de la direcci\u00f3n del objeto de expectativa se filtra al espacio de usuario."}], "id": "CVE-2024-44944", "lastModified": "2024-09-10T08:15:03.230", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-08-30T08:15:04.580", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/24f407042cf90b0872de667460230d8d50c06c39"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/27662b46f2adaa52c1665a82af4b21c42c4337fd"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/5e2c24f7b0911b15c29aefce760bcf770542fb61"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/64c0b8e64be8368617ef08dfc59a3160563a1435"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/66e7650dbbb8e236e781c670b167edc81e771450"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/74de442b8e12a207c07953ee068009a7701aff8f"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/782161895eb4ac45cf7cfa8db375bd4766cb8299"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/eb4ca1a97e08ff5b920664ba292e576257e2d184"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1182/"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-401"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: netfilter: ctnetlink: use helper function to calculate expect ID", "id": "2308652", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308652"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.1", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L", "status": "draft"}, "cwe": "CWE-401", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nnetfilter: ctnetlink: use helper function to calculate expect ID\nDelete expectation path is missing a call to the nf_expect_get_id()\nhelper function to calculate the expectation ID, otherwise LSB of the\nexpectation object address is leaked to userspace."], "name": "CVE-2024-44944", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Will not fix", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-08-30T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-44944\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-44944\nhttps://lore.kernel.org/linux-cve-announce/2024083044-CVE-2024-44944-56c0@gregkh/T"], "threat_severity": "Moderate"}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object