Base Score

MEDIUM5.5

CVE-2024-56728

In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_ethtool.c Add error pointer check after calling otx2_mbox_get_rsp().

VectorLOCAL

Published By416baaa9-dc9f-4396-8d5f-8c081fb06d67

Published DateDec 29, 2024, 12:15

Weakness Type (CWE):CWE-754

CVSS Metrics

Base Score

5.5

Vector String

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Base Severity

MEDIUM

Version

3.1

Attack Vector (AV)

LOCAL

Attack Complexity (AC)

LOW

Privileges Required (PR)

LOW

User Interaction (UI)

NONE

Scope (S)

UNCHANGED

Confidentiality (C)

NONE

Integrity (I)

NONE

Availability (A)

HIGH

References

https://git.kernel.org/stable/c/05a6ce174c0c724e5914e1e5efd826bab8f382b4
https://git.kernel.org/stable/c/2db2194727b1f49a5096c1c3981adef1b7638733
https://git.kernel.org/stable/c/55c41b97001a09bb490ffa2e667e251d75d15ab1
https://git.kernel.org/stable/c/5ff9de1f2712cbca53da2e37d831eea7ffcb43b6
https://git.kernel.org/stable/c/6cda142cee032b8fe65ee11f78721721c3988feb
https://git.kernel.org/stable/c/c0f64fd73b60aee85f88c270c9d714ead27a7b7a
https://git.kernel.org/stable/c/e26f8eac6bb20b20fdb8f7dc695711ebce4c7c5c
https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html
https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html

Base Score

MEDIUM5.5

Weakness Type (CWE):CWE-754

CVSS Metrics

Base Score

5.5

Vector String

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Base Severity

MEDIUM

Version

3.1

Attack Vector (AV)

LOCAL

Attack Complexity (AC)

LOW

Privileges Required (PR)

LOW

User Interaction (UI)

NONE

Scope (S)

UNCHANGED

Confidentiality (C)

NONE

Integrity (I)

NONE

Availability (A)

HIGH