CVE-2024-40968

high

Description

In the Linux kernel, the following vulnerability has been resolved: MIPS: Octeon: Add PCIe link status check The standard PCIe configuration read-write interface is used to access the configuration space of the peripheral PCIe devices of the mips processor after the PCIe link surprise down, it can generate kernel panic caused by "Data bus error". So it is necessary to add PCIe link status check for system protection. When the PCIe link is down or in training, assigning a value of 0 to the configuration address can prevent read-write behavior to the configuration space of peripheral PCIe devices, thereby preventing kernel panic.

References

https://git.kernel.org/stable/c/d996deb80398a90dd3c03590e68dad543da87d62

https://git.kernel.org/stable/c/6c1b9fe148a4e03bbfa234267ebb89f35285814a

https://git.kernel.org/stable/c/6bff05aaa32c2f7e1f6e68e890876642159db419

https://git.kernel.org/stable/c/64845ac64819683ad5e51b668b2ed56ee3386aee

https://git.kernel.org/stable/c/38d647d509543e9434b3cc470b914348be271fe9

https://git.kernel.org/stable/c/29b83a64df3b42c88c0338696feb6fdcd7f1f3b7

https://git.kernel.org/stable/c/25998f5613159fe35920dbd484fcac7ea3ad0799

https://git.kernel.org/stable/c/1c33fd17383f48f679186c54df78542106deeaa0

Details

Source: Mitre, NVD

Published: 2024-07-12

Updated: 2024-07-12

Risk Information

CVSS v2

Base Score: 6.9

Vector: CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C

Severity: Medium

CVSS v3

Base Score: 7

Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High