admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-530xx/CVE-2024-53048.json
cad-safe-bot e46b29d1dd Auto-Update: 2024-11-27T21:01:06.385665+00:00
2024-11-27 21:04:18 +00:00

114 lines
6.0 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-53048",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-11-19T18:15:25.127",
"lastModified": "2024-11-27T20:26:29.637",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: fix crash on probe for DPLL enabled E810 LOM\n\nThe E810 Lan On Motherboard (LOM) design is vendor specific. Intel\nprovides the reference design, but it is up to vendor on the final\nproduct design. For some cases, like Linux DPLL support, the static\nvalues defined in the driver does not reflect the actual LOM design.\nCurrent implementation of dpll pins is causing the crash on probe\nof the ice driver for such DPLL enabled E810 LOM designs:\n\nWARNING: (...) at drivers/dpll/dpll_core.c:495 dpll_pin_get+0x2c4/0x330\n...\nCall Trace:\n <TASK>\n ? __warn+0x83/0x130\n ? dpll_pin_get+0x2c4/0x330\n ? report_bug+0x1b7/0x1d0\n ? handle_bug+0x42/0x70\n ? exc_invalid_op+0x18/0x70\n ? asm_exc_invalid_op+0x1a/0x20\n ? dpll_pin_get+0x117/0x330\n ? dpll_pin_get+0x2c4/0x330\n ? dpll_pin_get+0x117/0x330\n ice_dpll_get_pins.isra.0+0x52/0xe0 [ice]\n...\n\nThe number of dpll pins enabled by LOM vendor is greater than expected\nand defined in the driver for Intel designed NICs, which causes the crash.\n\nPrevent the crash and allow generic pin initialization within Linux DPLL\nsubsystem for DPLL enabled E810 LOM designs.\n\nNewly designed solution for described issue will be based on \"per HW\ndesign\" pin initialization. It requires pin information dynamically\nacquired from the firmware and is already in progress, planned for\nnext-tree only."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ice: correcci\u00f3n del fallo en la sonda para LOM E810 con DPLL habilitado El dise\u00f1o de la placa base Lan On (LOM) E810 es espec\u00edfico del proveedor. Intel proporciona el dise\u00f1o de referencia, pero el dise\u00f1o del producto final depende del proveedor. En algunos casos, como el soporte de DPLL para Linux, los valores est\u00e1ticos definidos en el controlador no reflejan el dise\u00f1o real de la LOM. La implementaci\u00f3n actual de los pines dpll est\u00e1 provocando el fallo en la sonda del controlador ice para dichos dise\u00f1os de LOM E810 con DPLL habilitado: ADVERTENCIA: (...) en drivers/dpll/dpll_core.c:495 dpll_pin_get+0x2c4/0x330 ... Seguimiento de llamadas: ? __warn+0x83/0x130 ? dpll_pin_get+0x2c4/0x330 ? report_bug+0x1b7/0x1d0 ? La cantidad de pines dpll habilitados por el proveedor de LOM es mayor que la esperada y definida en el controlador para las NIC dise\u00f1adas por Intel, lo que causa el bloqueo. Evite el bloqueo y permita la inicializaci\u00f3n de pines gen\u00e9ricos dentro del subsistema DPLL de Linux para los dise\u00f1os LOM E810 habilitados para DPLL. La soluci\u00f3n recientemente dise\u00f1ada para el problema descrito se basar\u00e1 en la inicializaci\u00f3n de pines \"seg\u00fan el dise\u00f1o de HW\". Requiere informaci\u00f3n de pin adquirida din\u00e1micamente desde el firmware y ya est\u00e1 en progreso, planificado solo para el siguiente \u00e1rbol."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.11.7",
"matchCriteriaId": "E96F53A4-5E87-4A70-BD9A-BC327828D57F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*",
"matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*",
"matchCriteriaId": "3C95E234-D335-4B6C-96BF-E2CEBD8654ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*",
"matchCriteriaId": "E0F717D8-3014-4F84-8086-0124B2111379"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc5:*:*:*:*:*:*",
"matchCriteriaId": "24DBE6C7-2AAE-4818-AED2-E131F153D2FA"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/6e58c33106220c6c0c8fbee9ab63eae76ad8f260",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/82b107a27bab29146e159b6b9f21146c97c45a53",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink