Base Score

HIGH7.5

CVE-2024-42225

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: replace skb_put with skb_put_zero Avoid potentially reusing uninitialized data

VectorADJACENT_NETWORK

Published By416baaa9-dc9f-4396-8d5f-8c081fb06d67

Published DateJul 30, 2024, 08:15

Weakness Type (CWE):CWE-908

CVSS Metrics

Base Score

7.5

Vector String

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Base Severity

HIGH

Version

3.1

Attack Vector (AV)

ADJACENT_NETWORK

Attack Complexity (AC)

HIGH

Privileges Required (PR)

NONE

User Interaction (UI)

NONE

Scope (S)

UNCHANGED

Confidentiality (C)

HIGH

Integrity (I)

HIGH

Availability (A)

HIGH

References

https://git.kernel.org/stable/c/22ea2a7f0b64d323625950414a4496520fb33657
https://git.kernel.org/stable/c/64f86337ccfe77fe3be5a9356b0dabde23fbb074
https://git.kernel.org/stable/c/7f819a2f4fbc510e088b49c79addcf1734503578
https://git.kernel.org/stable/c/dc7f14d00d0c4c21898f3504607f4a31079065a2
https://git.kernel.org/stable/c/ff6b26be13032c5fbd6b6a0b24358f8eaac4f3af
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

Base Score

HIGH7.5

Weakness Type (CWE):CWE-908

CVSS Metrics

Base Score

7.5

Vector String

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Base Severity

HIGH

Version

3.1

Attack Vector (AV)

ADJACENT_NETWORK

Attack Complexity (AC)

HIGH

Privileges Required (PR)

NONE

User Interaction (UI)

NONE

Scope (S)

UNCHANGED

Confidentiality (C)

HIGH

Integrity (I)

HIGH

Availability (A)

HIGH