May 2, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Severity
Medium
Analysis Summary
CVE-2024-42273 CVSS:5.5
Linux Kernel is vulnerable to a denial of service, caused by a flaw in CURSEG_ALL_DATA_ATGC. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2024-42258 CVSS:5.5
Linux Kernel is vulnerable to a denial of service, caused by an error related to huge_memory: use !CONFIG_64BIT to relax huge page alignment on 32 bit machines. A local authenticated attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-42259 CVSS:4.1
Linux Kernel is vulnerable to a denial of service, caused by improper bounds checking by drm/i915/gem. A local authenticated attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-41042 CVSS:5.5
Linux Kernel is vulnerable to a denial of service, caused by an error related to netfilter: nf_tables: prefer nft_chain_validate nft_chain_validate. A local authenticated attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-43888 CVSS:5.5
Linux Kernel is vulnerable to a denial of service, caused by a use-after-free in mem_cgroup_from_slab_obj(). By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2024-43910 CVSS:5.5
Linux Kernel is vulnerable to a denial of service, caused by an out-of-bounds memory accesses in check_func_arg_reg_off(). By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2024-42285 CVSS:5.5
Linux Kernel is vulnerable to a denial of service, caused by use-after-free related to destroying CM IDs in service RDMA/iwcm. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2024-42302 CVSS:6.2
Linux Kernel is vulnerable to a denial of service, caused by a use-after-free on concurrent DPC and hot-removal. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2024-43833 CVSS:5.5
Linux Kernel is vulnerable to a denial of service, caused by a NULL pointer dereference in adding ancillary links In v4l2_async_create_ancillary_links(). A local authenticated attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-43857 CVSS:5.5
Linux Kernel is vulnerable to a denial of service, caused by a NULL pointer dereference when checking end of zone. A local authenticated attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-42264 CVSS:5.5
Linux Kernel is vulnerable to a denial of service, caused by an out-of-bounds access in performance query extensions. A local authenticated attacker could exploit this vulnerability to cause a denial of service.
Impact
- Denial of Service
Indicators of Compromise
CVE
- CVE-2024-42273
- CVE-2024-42258
- CVE-2024-42259
- CVE-2024-41042
- CVE-2024-43888
- CVE-2024-43910
- CVE-2024-42285
- CVE-2024-42302
- CVE-2024-43833
- CVE-2024-43857
- CVE-2024-42264
Affected Vendors
Linux
Affected Products
- Linux Kernel 6.1
- Linux Kernel 6.6
- Linux Kernel 6.8
- Linux Kernel 6.10
- Linux - 4ef9ad19e176
- Linux - c58305af1835
- Linux - 4.9
- Linux - 20a69341f2d0
- Linux - 3.13
- Linux 5.19
- Linux 6.5
- Linux 6.8
- Linux aa4faf6eb271
- Linux bae7cb5d6800
Remediation
Refer to Linux Kernel GIT Repository for patch, upgrade or suggested workaround information.
