CVE-2024-42130 - Vulnerability Details

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux Subscribe	Linux Kernel Subscribe

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors	Products
Linux Subscribe	Linux Kernel Subscribe

Advisories

Source	ID	Title
Debian DLA	DLA-4008-1	linux-6.1 security update
Ubuntu USN	USN-7007-1	Linux kernel vulnerabilities
Ubuntu USN	USN-7007-2	Linux kernel vulnerabilities
Ubuntu USN	USN-7007-3	Linux kernel vulnerabilities
Ubuntu USN	USN-7009-1	Linux kernel vulnerabilities
Ubuntu USN	USN-7009-2	Linux kernel vulnerabilities
Ubuntu USN	USN-7019-1	Linux kernel vulnerabilities
Ubuntu USN	USN-7089-1	Linux kernel vulnerabilities
Ubuntu USN	USN-7089-2	Linux kernel vulnerabilities
Ubuntu USN	USN-7089-3	Linux kernel vulnerabilities
Ubuntu USN	USN-7089-4	Linux kernel vulnerabilities
Ubuntu USN	USN-7089-5	Linux kernel vulnerabilities
Ubuntu USN	USN-7089-6	Linux kernel vulnerabilities
Ubuntu USN	USN-7089-7	Linux kernel (Low Latency) vulnerabilities
Ubuntu USN	USN-7090-1	Linux kernel vulnerabilities
Ubuntu USN	USN-7095-1	Linux kernel vulnerabilities
Ubuntu USN	USN-7156-1	Linux kernel (GKE) vulnerabilities

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://lore.kernel.org/linux-cve-announce/2024073027-CVE-2024-42130-f6ce@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2024-42130
https://www.cve.org/CVERecord?id=CVE-2024-42130

History

Sat, 31 Jan 2026 12:30:00 +0000

Type	Values Removed	Values Added
Weaknesses	NVD-CWE-noinfo
CPEs	cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:6.10:rc1::::::
References	https://git.kernel.org/stable/c/056478b4321b36ca33567089d39ac992f6c9c37a https://git.kernel.org/stable/c/068648aab72c9ba7b0597354ef4d81ffaac7b979 https://git.kernel.org/stable/c/22a72c1c10f43ca645a98725e0faff34592f4d08 https://git.kernel.org/stable/c/41f5e2840cd0629f049ce5ce2f8dd10a8299de42 https://git.kernel.org/stable/c/f07bcd8bba803c9e6ad2048543185d6c56587a2f https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
Metrics	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}`	cvssV3_1 `{'score': 5.6, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H'}`

Sat, 31 Jan 2026 12:15:00 +0000

Type	Values Removed	Values Added
Description	In the Linux kernel, the following vulnerability has been resolved: nfc/nci: Add the inconsistency check between the input data length and count write$nci(r0, &(0x7f0000000740)=ANY=[@ANYBLOB="610501"], 0xf) Syzbot constructed a write() call with a data length of 3 bytes but a count value of 15, which passed too little data to meet the basic requirements of the function nci_rf_intf_activated_ntf_packet(). Therefore, increasing the comparison between data length and count value to avoid problems caused by inconsistent data length and count.	This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Title	nfc/nci: Add the inconsistency check between the input data length and count	kernel: nfc/nci: Add the inconsistency check between the input data length and count
Metrics	ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Mon, 03 Nov 2025 22:30:00 +0000

Type	Values Removed	Values Added
References		https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

Fri, 03 Oct 2025 19:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		NVD-CWE-noinfo
CPEs		cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:6.10:rc1::::::
Metrics	cvssV3_1 `{'score': 5.6, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H'}`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}`

Wed, 11 Sep 2024 13:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Tue, 27 Aug 2024 02:30:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-20
Metrics	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}`	cvssV3_1 `{'score': 5.6, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H'}`

Projects

Sign in to view the affected projects.

MITRE

Status: REJECTED

Assigner: Linux

Published: 2024-07-30T07:46:26.153Z

Updated: 2026-01-31T11:58:31.317Z

Reserved: 2024-07-29T15:50:41.186Z

Link: CVE-2024-42130

Vulnrichment

Updated:

NVD

Status : Rejected

Published: 2024-07-30T08:15:05.053

Modified: 2026-01-31T12:15:49.570

Link: CVE-2024-42130

Redhat

Severity : Moderate

Publid Date: 2024-07-30T00:00:00Z

Links: CVE-2024-42130 - Bugzilla

OpenCVE Enrichment

Updated: 2025-07-13T11:22:35Z

Weaknesses

CWE-20

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact High

User Interaction None

Affected Vendors & Products

Projects

JSON object

JSON object

JSON object

JSON object

JSON object