CVE-2024-35837

2024-05-1714:15:20

416baaa9-dc9f-4396-8d5f-8c081fb06d67

web.nvd.nist.gov

linux kernel

net

mvpp2

vulnerability

fix

nvd

6.5 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

10.3%

JSON

In the Linux kernel, the following vulnerability has been resolved:

net: mvpp2: clear BM pool before initialization

Register value persist after booting the kernel using
kexec which results in kernel panic. Thus clear the
BM pool registers before initialisation to fix the issue.

Affected configurations

Vulners

Node

linuxlinux_kernelRange3.17–5.10.210

linuxlinux_kernelRange5.11.0–5.15.149

linuxlinux_kernelRange5.16.0–6.1.76

linuxlinux_kernelRange6.2.0–6.6.15

linuxlinux_kernelRange6.7.0–6.7.3

linuxlinux_kernelRange6.8.0≥

VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
linux	linux_kernel	*	cpe:2.3:o:linux:linux_kernel::::::::
linux	linux_kernel	*	cpe:2.3:o:linux:linux_kernel::::::::
linux	linux_kernel	*	cpe:2.3:o:linux:linux_kernel::::::::
linux	linux_kernel	*	cpe:2.3:o:linux:linux_kernel::::::::
linux	linux_kernel	*	cpe:2.3:o:linux:linux_kernel::::::::
linux	linux_kernel	*	cpe:2.3:o:linux:linux_kernel::::::::

CNA Affected

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/net/ethernet/marvell/mvpp2/mvpp2_main.c"
    ],
    "versions": [
      {
        "version": "3f518509dedc",
        "lessThan": "83f99138bf3b",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "3f518509dedc",
        "lessThan": "af47faa6d332",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "3f518509dedc",
        "lessThan": "cec65f09c47d",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "3f518509dedc",
        "lessThan": "938729484cfa",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "3f518509dedc",
        "lessThan": "dc77f6ab5c37",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "3f518509dedc",
        "lessThan": "9f538b415db8",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/net/ethernet/marvell/mvpp2/mvpp2_main.c"
    ],
    "versions": [
      {
        "version": "3.17",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "3.17",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.10.210",
        "lessThanOrEqual": "5.10.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.15.149",
        "lessThanOrEqual": "5.15.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.1.76",
        "lessThanOrEqual": "6.1.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.6.15",
        "lessThanOrEqual": "6.6.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.7.3",
        "lessThanOrEqual": "6.7.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.8",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]