{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2024-35983", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-05-17T13:50:33.145Z", "datePublished": "2024-05-20T09:47:51.079Z", "dateUpdated": "2026-05-12T11:53:25.765Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-11T20:14:59.060Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbounds: Use the right number of bits for power-of-two CONFIG_NR_CPUS\n\nbits_per() rounds up to the next power of two when passed a power of\ntwo. This causes crashes on some machines and configurations."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["kernel/bounds.c"], "versions": [{"version": "d6077e0d38b4953c863d0db4a5b3f41d21e0d546", "lessThan": "d34a516f2635090d36a306f84573e8de3d7374ce", "status": "affected", "versionType": "git"}, {"version": "83a2275f9d3230c761014b1467888b1ef469be74", "lessThan": "66297b2ceda841f809637731d287bda3a93b49d8", "status": "affected", "versionType": "git"}, {"version": "d2a7a81088c6abe778b0a93a7eeb79487a943818", "lessThan": "93ba36238db6a74a82feb3dc476e25ea424ad630", "status": "affected", "versionType": "git"}, {"version": "428ca0000f0abd5c99354c52a36becf2b815ca21", "lessThan": "9b7c5004d7c5ae062134052a85290869a015814c", "status": "affected", "versionType": "git"}, {"version": "b46c822f8b555b9513df44047b0e72c06720df62", "lessThan": "15aa09d6d84629eb5296de30ac0aa19a33512f16", "status": "affected", "versionType": "git"}, {"version": "cf778fff03be1ee88c49b72959650147573c3301", "lessThan": "ebfe41889b762f1933c6762f6624b9724a25bee0", "status": "affected", "versionType": "git"}, {"version": "f2d5dcb48f7ba9e3ff249d58fc1fa963d374e66a", "lessThan": "5af385f5f4cddf908f663974847a4083b2ff2c79", "status": "affected", "versionType": "git"}, {"version": "b2e1b090a590d41abe647eadb6bf2a5dc47b63ab", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["kernel/bounds.c"], "versions": [{"version": "5.4.274", "lessThan": "5.4.275", "status": "affected", "versionType": "semver"}, {"version": "5.10.215", "lessThan": "5.10.216", "status": "affected", "versionType": "semver"}, {"version": "5.15.154", "lessThan": "5.15.158", "status": "affected", "versionType": "semver"}, {"version": "6.1.84", "lessThan": "6.1.90", "status": "affected", "versionType": "semver"}, {"version": "6.6.24", "lessThan": "6.6.30", "status": "affected", "versionType": "semver"}, {"version": "6.8.3", "lessThan": "6.8.9", "status": "affected", "versionType": "semver"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.4.274", "versionEndExcluding": "5.4.275"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.10.215", "versionEndExcluding": "5.10.216"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.15.154", "versionEndExcluding": "5.15.158"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.1.84", "versionEndExcluding": "6.1.90"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.6.24", "versionEndExcluding": "6.6.30"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.8.3", "versionEndExcluding": "6.8.9"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.7.12"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/d34a516f2635090d36a306f84573e8de3d7374ce"}, {"url": "https://git.kernel.org/stable/c/66297b2ceda841f809637731d287bda3a93b49d8"}, {"url": "https://git.kernel.org/stable/c/93ba36238db6a74a82feb3dc476e25ea424ad630"}, {"url": "https://git.kernel.org/stable/c/9b7c5004d7c5ae062134052a85290869a015814c"}, {"url": "https://git.kernel.org/stable/c/15aa09d6d84629eb5296de30ac0aa19a33512f16"}, {"url": "https://git.kernel.org/stable/c/ebfe41889b762f1933c6762f6624b9724a25bee0"}, {"url": "https://git.kernel.org/stable/c/5af385f5f4cddf908f663974847a4083b2ff2c79"}], "title": "bounds: Use the right number of bits for power-of-two CONFIG_NR_CPUS", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-35983", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-20T13:33:05.860363Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:34:16.061Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:21:49.040Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/d34a516f2635090d36a306f84573e8de3d7374ce", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/66297b2ceda841f809637731d287bda3a93b49d8", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/93ba36238db6a74a82feb3dc476e25ea424ad630", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9b7c5004d7c5ae062134052a85290869a015814c", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/15aa09d6d84629eb5296de30ac0aa19a33512f16", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ebfe41889b762f1933c6762f6624b9724a25bee0", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/5af385f5f4cddf908f663974847a4083b2ff2c79", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": ["x_transferred"]}]}, {"x_adpType": "supplier", "providerMetadata": {"orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e", "shortName": "siemens-SADP", "dateUpdated": "2026-05-12T11:53:25.765Z"}, "affected": [{"vendor": "Siemens", "product": "RUGGEDCOM RST2428P", "versions": [{"status": "affected", "version": "0", "lessThan": "V3.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family", "versions": [{"status": "unaffected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SCALANCE XCM-/XRM-/XCH-/XRH-300 family", "versions": [{"status": "affected", "version": "0", "lessThan": "V3.1", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "SIMATIC S7-1500 TM MFP - GNU/Linux subsystem", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}], "references": [{"url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html"}, {"url": "https://cert-portal.siemens.com/productcert/html/ssa-613116.html"}]}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/d34a516f2635090d36a306f84573e8de3d7374ce", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/66297b2ceda841f809637731d287bda3a93b49d8", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/93ba36238db6a74a82feb3dc476e25ea424ad630", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9b7c5004d7c5ae062134052a85290869a015814c", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/15aa09d6d84629eb5296de30ac0aa19a33512f16", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ebfe41889b762f1933c6762f6624b9724a25bee0", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/5af385f5f4cddf908f663974847a4083b2ff2c79", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:21:49.040Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-35983", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-20T13:33:05.860363Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-20T13:33:13.710Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"title": "bounds: Use the right number of bits for power-of-two CONFIG_NR_CPUS", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "d6077e0d38b4953c863d0db4a5b3f41d21e0d546", "lessThan": "d34a516f2635090d36a306f84573e8de3d7374ce", "versionType": "git"}, {"status": "affected", "version": "83a2275f9d3230c761014b1467888b1ef469be74", "lessThan": "66297b2ceda841f809637731d287bda3a93b49d8", "versionType": "git"}, {"status": "affected", "version": "d2a7a81088c6abe778b0a93a7eeb79487a943818", "lessThan": "93ba36238db6a74a82feb3dc476e25ea424ad630", "versionType": "git"}, {"status": "affected", "version": "428ca0000f0abd5c99354c52a36becf2b815ca21", "lessThan": "9b7c5004d7c5ae062134052a85290869a015814c", "versionType": "git"}, {"status": "affected", "version": "b46c822f8b555b9513df44047b0e72c06720df62", "lessThan": "15aa09d6d84629eb5296de30ac0aa19a33512f16", "versionType": "git"}, {"status": "affected", "version": "cf778fff03be1ee88c49b72959650147573c3301", "lessThan": "ebfe41889b762f1933c6762f6624b9724a25bee0", "versionType": "git"}, {"status": "affected", "version": "f2d5dcb48f7ba9e3ff249d58fc1fa963d374e66a", "lessThan": "5af385f5f4cddf908f663974847a4083b2ff2c79", "versionType": "git"}], "programFiles": ["kernel/bounds.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "5.4.274", "lessThan": "5.4.275", "versionType": "semver"}, {"status": "affected", "version": "5.10.215", "lessThan": "5.10.216", "versionType": "semver"}, {"status": "affected", "version": "5.15.154", "lessThan": "5.15.158", "versionType": "semver"}, {"status": "affected", "version": "6.1.84", "lessThan": "6.1.90", "versionType": "semver"}, {"status": "affected", "version": "6.6.24", "lessThan": "6.6.30", "versionType": "semver"}, {"status": "affected", "version": "6.8.3", "lessThan": "6.8.9", "versionType": "semver"}], "programFiles": ["kernel/bounds.c"], "defaultStatus": "unaffected"}], "references": [{"url": "https://git.kernel.org/stable/c/d34a516f2635090d36a306f84573e8de3d7374ce"}, {"url": "https://git.kernel.org/stable/c/66297b2ceda841f809637731d287bda3a93b49d8"}, {"url": "https://git.kernel.org/stable/c/93ba36238db6a74a82feb3dc476e25ea424ad630"}, {"url": "https://git.kernel.org/stable/c/9b7c5004d7c5ae062134052a85290869a015814c"}, {"url": "https://git.kernel.org/stable/c/15aa09d6d84629eb5296de30ac0aa19a33512f16"}, {"url": "https://git.kernel.org/stable/c/ebfe41889b762f1933c6762f6624b9724a25bee0"}, {"url": "https://git.kernel.org/stable/c/5af385f5f4cddf908f663974847a4083b2ff2c79"}], "x_generator": {"engine": "bippy-1.2.0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbounds: Use the right number of bits for power-of-two CONFIG_NR_CPUS\n\nbits_per() rounds up to the next power of two when passed a power of\ntwo. This causes crashes on some machines and configurations."}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.4.275", "versionStartIncluding": "5.4.274"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.10.216", "versionStartIncluding": "5.10.215"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.15.158", "versionStartIncluding": "5.15.154"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.1.90", "versionStartIncluding": "6.1.84"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.6.30", "versionStartIncluding": "6.6.24"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.8.9", "versionStartIncluding": "6.8.3"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionStartIncluding": "6.7.12"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T09:09:49.696Z"}}}, "cveMetadata": {"cveId": "CVE-2024-35983", "state": "PUBLISHED", "dateUpdated": "2025-05-04T09:09:49.696Z", "dateReserved": "2024-05-17T13:50:33.145Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-05-20T09:47:51.079Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "F5E54B56-9379-4599-9F82-9C47C3AD9481", "versionEndExcluding": "5.4.275", "versionStartIncluding": "5.4.274", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "B1A593F8-A32A-43C3-87CA-6EE8C4D8538A", "versionEndExcluding": "5.10.216", "versionStartIncluding": "5.10.215", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "5EAEFA87-47DC-4C73-A0C0-C1E4E436BC87", "versionEndExcluding": "5.15.158", "versionStartIncluding": "5.15.154", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "9466E6BB-FA8E-4F76-B8A6-FDE5100244D2", "versionEndExcluding": "6.1.90", "versionStartIncluding": "6.1.84", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "C5ABE1B2-C67B-488F-81DD-A09351B51540", "versionEndExcluding": "6.6.30", "versionStartIncluding": "6.6.24", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "D6A2C3EC-DA7B-4144-8BAF-2DBB7E8CE4C7", "versionEndExcluding": "6.8", "versionStartIncluding": "6.7.12", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "7EE73E8A-A1BD-47FF-99D8-99A4B5AC9B0B", "versionEndExcluding": "6.8.9", "versionStartIncluding": "6.8.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbounds: Use the right number of bits for power-of-two CONFIG_NR_CPUS\n\nbits_per() rounds up to the next power of two when passed a power of\ntwo. This causes crashes on some machines and configurations."}, {"lang": "es", "value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: l\u00edmites: utilice el n\u00famero correcto de bits para potencia de dos CONFIG_NR_CPUS bits_per() redondea a la siguiente potencia de dos cuando se pasa una potencia de dos. Esto provoca fallos en algunas m\u00e1quinas y configuraciones."}], "id": "CVE-2024-35983", "lastModified": "2026-05-12T12:16:45.660", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-05-20T10:15:12.760", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/15aa09d6d84629eb5296de30ac0aa19a33512f16"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/5af385f5f4cddf908f663974847a4083b2ff2c79"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/66297b2ceda841f809637731d287bda3a93b49d8"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/93ba36238db6a74a82feb3dc476e25ea424ad630"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/9b7c5004d7c5ae062134052a85290869a015814c"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/d34a516f2635090d36a306f84573e8de3d7374ce"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/ebfe41889b762f1933c6762f6624b9724a25bee0"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/15aa09d6d84629eb5296de30ac0aa19a33512f16"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/5af385f5f4cddf908f663974847a4083b2ff2c79"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/66297b2ceda841f809637731d287bda3a93b49d8"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/93ba36238db6a74a82feb3dc476e25ea424ad630"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/9b7c5004d7c5ae062134052a85290869a015814c"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/d34a516f2635090d36a306f84573e8de3d7374ce"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/ebfe41889b762f1933c6762f6624b9724a25bee0"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"}, {"source": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e", "url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html"}, {"source": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e", "url": "https://cert-portal.siemens.com/productcert/html/ssa-613116.html"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2024:9315", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-503.11.1.el9_5", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-11-12T00:00:00Z"}, {"advisory": "RHSA-2024:9315", "cpe": "cpe:/o:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-503.11.1.el9_5", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-11-12T00:00:00Z"}], "bugzilla": {"description": "kernel: bounds: Use the right number of bits for power-of-two CONFIG_NR_CPUS", "id": "2281863", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281863"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\nbounds: Use the right number of bits for power-of-two CONFIG_NR_CPUS\nbits_per() rounds up to the next power of two when passed a power of\ntwo. This causes crashes on some machines and configurations.", "A vulnerability was found in the Linux kernel related to the improper handling of power-of-two values for `CONFIG_NR_CPUS`. The `bits_per()` function incorrectly rounds up to the next power of two when given a power of two, causing crashes on certain systems."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-35983", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-20T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-35983\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-35983\nhttps://lore.kernel.org/linux-cve-announce/2024052018-CVE-2024-35983-a607@gregkh/T"], "threat_severity": "Moderate"}

{}