In the Linux kernel, the following vulnerability has been resolved: r8169: add tally counter fields added with RTL8125 RTL8125 added fields to the tally counter, what may result in the chip dma'ing these new fields to unallocated memory. Therefore make sure that the allocated memory area is big enough to hold all of the tally counter values, even if we use only parts of it.
History

Fri, 08 Nov 2024 16:00:00 +0000


Thu, 07 Nov 2024 02:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-787

Fri, 01 Nov 2024 17:30:00 +0000

Type Values Removed Values Added
First Time appeared Linux
Linux linux Kernel
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel

Wed, 23 Oct 2024 01:30:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

threat_severity

Moderate


Tue, 22 Oct 2024 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 21 Oct 2024 18:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: r8169: add tally counter fields added with RTL8125 RTL8125 added fields to the tally counter, what may result in the chip dma'ing these new fields to unallocated memory. Therefore make sure that the allocated memory area is big enough to hold all of the tally counter values, even if we use only parts of it.
Title r8169: add tally counter fields added with RTL8125
References

cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-10-21T18:02:21.696Z

Updated: 2024-12-19T09:30:28.300Z

Reserved: 2024-10-21T12:17:06.051Z

Link: CVE-2024-49973

cve-icon Vulnrichment

Updated: 2024-10-22T13:33:34.088Z

cve-icon NVD

Status : Modified

Published: 2024-10-21T18:15:18.163

Modified: 2024-11-08T16:15:39.283

Link: CVE-2024-49973

cve-icon Redhat

Severity : Moderate

Publid Date: 2024-10-21T00:00:00Z

Links: CVE-2024-49973 - Bugzilla