CVE-2024-42093

In the Linux kernel, the following vulnerability has been resolved: net/dpaa2: Avoid explicit cpumask var allocation on stack For CONFIG_CPUMASK_OFFSTACK=y kernel, explicit allocation of cpumask variable on stack is not recommended since it can cause potential stack overflow. Instead, kernel code should always use *cpumask_var API(s) to allocate cpumask var in config-neutral way, leaving allocation strategy to CONFIG_CPUMASK_OFFSTACK. Use *cpumask_var API(s) to address it.

CVSS v3.0 7.3 HIGH

7.3^/10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.5

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/48147337d7efdea6ad6e49f5b8eb894b95868ef0	Patch
https://git.kernel.org/stable/c/48147337d7efdea6ad6e49f5b8eb894b95868ef0	Patch
https://git.kernel.org/stable/c/5e4f25091e6d06e99a23f724c839a58a8776a527	Patch
https://git.kernel.org/stable/c/5e4f25091e6d06e99a23f724c839a58a8776a527	Patch
https://git.kernel.org/stable/c/69f49527aea12c23b78fb3d0a421950bf44fb4e2	Patch
https://git.kernel.org/stable/c/69f49527aea12c23b78fb3d0a421950bf44fb4e2	Patch
https://git.kernel.org/stable/c/763896ab62a672d728f5eb10ac90d98c607a8509	Patch
https://git.kernel.org/stable/c/763896ab62a672d728f5eb10ac90d98c607a8509	Patch
https://git.kernel.org/stable/c/a55afc0f5f20ba30970aaf7271929dc00eee5e7d	Patch
https://git.kernel.org/stable/c/a55afc0f5f20ba30970aaf7271929dc00eee5e7d	Patch
https://git.kernel.org/stable/c/b2262b3be27cee334a2fa175ae3afb53f38fb0b1	Patch
https://git.kernel.org/stable/c/b2262b3be27cee334a2fa175ae3afb53f38fb0b1	Patch
https://git.kernel.org/stable/c/d33fe1714a44ff540629b149d8fab4ac6967585c	Patch
https://git.kernel.org/stable/c/d33fe1714a44ff540629b149d8fab4ac6967585c	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

History

21 May 2025, 15:58

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~7.8~~	v2 : unknown v3 : 7.3

26 Aug 2024, 15:03

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.8
CWE		CWE-787
First Time		Linux Linux linux Kernel
CPE		cpe:2.3:o:linux:linux_kernel::::::::
References	~~() https://git.kernel.org/stable/c/a55afc0f5f20ba30970aaf7271929dc00eee5e7d -~~	() https://git.kernel.org/stable/c/a55afc0f5f20ba30970aaf7271929dc00eee5e7d - Patch
References	~~() https://git.kernel.org/stable/c/5e4f25091e6d06e99a23f724c839a58a8776a527 -~~	() https://git.kernel.org/stable/c/5e4f25091e6d06e99a23f724c839a58a8776a527 - Patch
References	~~() https://git.kernel.org/stable/c/69f49527aea12c23b78fb3d0a421950bf44fb4e2 -~~	() https://git.kernel.org/stable/c/69f49527aea12c23b78fb3d0a421950bf44fb4e2 - Patch
References	~~() https://git.kernel.org/stable/c/b2262b3be27cee334a2fa175ae3afb53f38fb0b1 -~~	() https://git.kernel.org/stable/c/b2262b3be27cee334a2fa175ae3afb53f38fb0b1 - Patch
References	~~() https://git.kernel.org/stable/c/763896ab62a672d728f5eb10ac90d98c607a8509 -~~	() https://git.kernel.org/stable/c/763896ab62a672d728f5eb10ac90d98c607a8509 - Patch
References	~~() https://git.kernel.org/stable/c/48147337d7efdea6ad6e49f5b8eb894b95868ef0 -~~	() https://git.kernel.org/stable/c/48147337d7efdea6ad6e49f5b8eb894b95868ef0 - Patch
References	~~() https://git.kernel.org/stable/c/d33fe1714a44ff540629b149d8fab4ac6967585c -~~	() https://git.kernel.org/stable/c/d33fe1714a44ff540629b149d8fab4ac6967585c - Patch

29 Jul 2024, 18:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-07-29 18:15

Updated : 2025-05-21 15:58

NVD link : CVE-2024-42093

Mitre link : CVE-2024-42093

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-787

Out-of-bounds Write

7.3 /10