{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-46679", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-09-11T15:12:18.248Z", "datePublished": "2024-09-13T05:29:13.450Z", "dateUpdated": "2025-05-04T09:31:44.156Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T09:31:44.156Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nethtool: check device is present when getting link settings\n\nA sysfs reader can race with a device reset or removal, attempting to\nread device state when the device is not actually present. eg:\n\n [exception RIP: qed_get_current_link+17]\n #8 [ffffb9e4f2907c48] qede_get_link_ksettings at ffffffffc07a994a [qede]\n #9 [ffffb9e4f2907cd8] __rh_call_get_link_ksettings at ffffffff992b01a3\n #10 [ffffb9e4f2907d38] __ethtool_get_link_ksettings at ffffffff992b04e4\n #11 [ffffb9e4f2907d90] duplex_show at ffffffff99260300\n #12 [ffffb9e4f2907e38] dev_attr_show at ffffffff9905a01c\n #13 [ffffb9e4f2907e50] sysfs_kf_seq_show at ffffffff98e0145b\n #14 [ffffb9e4f2907e68] seq_read at ffffffff98d902e3\n #15 [ffffb9e4f2907ec8] vfs_read at ffffffff98d657d1\n #16 [ffffb9e4f2907f00] ksys_read at ffffffff98d65c3f\n #17 [ffffb9e4f2907f38] do_syscall_64 at ffffffff98a052fb\n\n crash> struct net_device.state ffff9a9d21336000\n state = 5,\n\nstate 5 is __LINK_STATE_START (0b1) and __LINK_STATE_NOCARRIER (0b100).\nThe device is not present, note lack of __LINK_STATE_PRESENT (0b10).\n\nThis is the same sort of panic as observed in commit 4224cfd7fb65\n(\"net-sysfs: add check for netdevice being present to speed_show\").\n\nThere are many other callers of __ethtool_get_link_ksettings() which\ndon't have a device presence check.\n\nMove this check into ethtool to protect all callers."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/core/net-sysfs.c", "net/ethtool/ioctl.c"], "versions": [{"version": "d519e17e2d01a0ee9abe083019532061b4438065", "lessThan": "ec7b4f7f644018ac293cb1b02528a40a32917e62", "status": "affected", "versionType": "git"}, {"version": "d519e17e2d01a0ee9abe083019532061b4438065", "lessThan": "842a40c7273ba1c1cb30dda50405b328de1d860e", "status": "affected", "versionType": "git"}, {"version": "d519e17e2d01a0ee9abe083019532061b4438065", "lessThan": "7a8d98b6d6484d3ad358510366022da080c37cbc", "status": "affected", "versionType": "git"}, {"version": "d519e17e2d01a0ee9abe083019532061b4438065", "lessThan": "9bba5955eed160102114d4cc00c3d399be9bdae4", "status": "affected", "versionType": "git"}, {"version": "d519e17e2d01a0ee9abe083019532061b4438065", "lessThan": "94ab317024ba373d37340893d1c0358638935fbb", "status": "affected", "versionType": "git"}, {"version": "d519e17e2d01a0ee9abe083019532061b4438065", "lessThan": "1d6d9b5b1b95bfeccb84386a51b7e6c510ec13b2", "status": "affected", "versionType": "git"}, {"version": "d519e17e2d01a0ee9abe083019532061b4438065", "lessThan": "a699781c79ecf6cfe67fb00a0331b4088c7c8466", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/core/net-sysfs.c", "net/ethtool/ioctl.c"], "versions": [{"version": "2.6.33", "status": "affected"}, {"version": "0", "lessThan": "2.6.33", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.283", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.225", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.166", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.108", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.49", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.10.8", "lessThanOrEqual": "6.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.11", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.33", "versionEndExcluding": "5.4.283"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.33", "versionEndExcluding": "5.10.225"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.33", "versionEndExcluding": "5.15.166"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.33", "versionEndExcluding": "6.1.108"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.33", "versionEndExcluding": "6.6.49"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.33", "versionEndExcluding": "6.10.8"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.33", "versionEndExcluding": "6.11"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/ec7b4f7f644018ac293cb1b02528a40a32917e62"}, {"url": "https://git.kernel.org/stable/c/842a40c7273ba1c1cb30dda50405b328de1d860e"}, {"url": "https://git.kernel.org/stable/c/7a8d98b6d6484d3ad358510366022da080c37cbc"}, {"url": "https://git.kernel.org/stable/c/9bba5955eed160102114d4cc00c3d399be9bdae4"}, {"url": "https://git.kernel.org/stable/c/94ab317024ba373d37340893d1c0358638935fbb"}, {"url": "https://git.kernel.org/stable/c/1d6d9b5b1b95bfeccb84386a51b7e6c510ec13b2"}, {"url": "https://git.kernel.org/stable/c/a699781c79ecf6cfe67fb00a0331b4088c7c8466"}], "title": "ethtool: check device is present when getting link settings", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-29T15:10:05.131175Z", "id": "CVE-2024-46679", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-29T15:10:19.475Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-46679", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-29T15:10:05.131175Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-29T15:10:09.336Z"}}], "cna": {"title": "ethtool: check device is present when getting link settings", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "d519e17e2d01", "lessThan": "ec7b4f7f6440", "versionType": "git"}, {"status": "affected", "version": "d519e17e2d01", "lessThan": "842a40c7273b", "versionType": "git"}, {"status": "affected", "version": "d519e17e2d01", "lessThan": "7a8d98b6d648", "versionType": "git"}, {"status": "affected", "version": "d519e17e2d01", "lessThan": "9bba5955eed1", "versionType": "git"}, {"status": "affected", "version": "d519e17e2d01", "lessThan": "94ab317024ba", "versionType": "git"}, {"status": "affected", "version": "d519e17e2d01", "lessThan": "1d6d9b5b1b95", "versionType": "git"}, {"status": "affected", "version": "d519e17e2d01", "lessThan": "a699781c79ec", "versionType": "git"}], "programFiles": ["net/core/net-sysfs.c", "net/ethtool/ioctl.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "2.6.33"}, {"status": "unaffected", "version": "0", "lessThan": "2.6.33", "versionType": "semver"}, {"status": "unaffected", "version": "5.4.283", "versionType": "semver", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.225", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.166", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.108", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.49", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.10.8", "versionType": "semver", "lessThanOrEqual": "6.10.*"}, {"status": "unaffected", "version": "6.11", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["net/core/net-sysfs.c", "net/ethtool/ioctl.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/ec7b4f7f644018ac293cb1b02528a40a32917e62"}, {"url": "https://git.kernel.org/stable/c/842a40c7273ba1c1cb30dda50405b328de1d860e"}, {"url": "https://git.kernel.org/stable/c/7a8d98b6d6484d3ad358510366022da080c37cbc"}, {"url": "https://git.kernel.org/stable/c/9bba5955eed160102114d4cc00c3d399be9bdae4"}, {"url": "https://git.kernel.org/stable/c/94ab317024ba373d37340893d1c0358638935fbb"}, {"url": "https://git.kernel.org/stable/c/1d6d9b5b1b95bfeccb84386a51b7e6c510ec13b2"}, {"url": "https://git.kernel.org/stable/c/a699781c79ecf6cfe67fb00a0331b4088c7c8466"}], "x_generator": {"engine": "bippy-9e1c9544281a"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nethtool: check device is present when getting link settings\n\nA sysfs reader can race with a device reset or removal, attempting to\nread device state when the device is not actually present. eg:\n\n [exception RIP: qed_get_current_link+17]\n #8 [ffffb9e4f2907c48] qede_get_link_ksettings at ffffffffc07a994a [qede]\n #9 [ffffb9e4f2907cd8] __rh_call_get_link_ksettings at ffffffff992b01a3\n #10 [ffffb9e4f2907d38] __ethtool_get_link_ksettings at ffffffff992b04e4\n #11 [ffffb9e4f2907d90] duplex_show at ffffffff99260300\n #12 [ffffb9e4f2907e38] dev_attr_show at ffffffff9905a01c\n #13 [ffffb9e4f2907e50] sysfs_kf_seq_show at ffffffff98e0145b\n #14 [ffffb9e4f2907e68] seq_read at ffffffff98d902e3\n #15 [ffffb9e4f2907ec8] vfs_read at ffffffff98d657d1\n #16 [ffffb9e4f2907f00] ksys_read at ffffffff98d65c3f\n #17 [ffffb9e4f2907f38] do_syscall_64 at ffffffff98a052fb\n\n crash> struct net_device.state ffff9a9d21336000\n state = 5,\n\nstate 5 is __LINK_STATE_START (0b1) and __LINK_STATE_NOCARRIER (0b100).\nThe device is not present, note lack of __LINK_STATE_PRESENT (0b10).\n\nThis is the same sort of panic as observed in commit 4224cfd7fb65\n(\"net-sysfs: add check for netdevice being present to speed_show\").\n\nThere are many other callers of __ethtool_get_link_ksettings() which\ndon't have a device presence check.\n\nMove this check into ethtool to protect all callers."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-05T09:44:31.709Z"}}}, "cveMetadata": {"cveId": "CVE-2024-46679", "state": "PUBLISHED", "dateUpdated": "2024-11-05T09:44:31.709Z", "dateReserved": "2024-09-11T15:12:18.248Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-09-13T05:29:13.450Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "93E0D2BD-DD6D-4BF8-95C9-8A916A497BDB", "versionEndExcluding": "5.4.283", "versionStartIncluding": "2.6.33", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "C57B46A9-B105-4792-8481-1870DEFB436A", "versionEndExcluding": "5.10.225", "versionStartIncluding": "5.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "913ED6CD-8ACF-48AF-AA18-7880881DD402", "versionEndExcluding": "5.15.166", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "9B5BE381-F079-43D9-AEF2-931856B13219", "versionEndExcluding": "6.1.108", "versionStartIncluding": "5.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "1191B7F1-F275-45F5-9E82-A012FF517BFA", "versionEndExcluding": "6.6.49", "versionStartIncluding": "6.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "1B5D46C3-56A4-4380-9309-27BF73DF29A7", "versionEndExcluding": "6.10.8", "versionStartIncluding": "6.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*", "matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*", "matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*", "matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*", "matchCriteriaId": "39889A68-6D34-47A6-82FC-CD0BF23D6754", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc5:*:*:*:*:*:*", "matchCriteriaId": "B8383ABF-1457-401F-9B61-EE50F4C61F4F", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nethtool: check device is present when getting link settings\n\nA sysfs reader can race with a device reset or removal, attempting to\nread device state when the device is not actually present. eg:\n\n [exception RIP: qed_get_current_link+17]\n #8 [ffffb9e4f2907c48] qede_get_link_ksettings at ffffffffc07a994a [qede]\n #9 [ffffb9e4f2907cd8] __rh_call_get_link_ksettings at ffffffff992b01a3\n #10 [ffffb9e4f2907d38] __ethtool_get_link_ksettings at ffffffff992b04e4\n #11 [ffffb9e4f2907d90] duplex_show at ffffffff99260300\n #12 [ffffb9e4f2907e38] dev_attr_show at ffffffff9905a01c\n #13 [ffffb9e4f2907e50] sysfs_kf_seq_show at ffffffff98e0145b\n #14 [ffffb9e4f2907e68] seq_read at ffffffff98d902e3\n #15 [ffffb9e4f2907ec8] vfs_read at ffffffff98d657d1\n #16 [ffffb9e4f2907f00] ksys_read at ffffffff98d65c3f\n #17 [ffffb9e4f2907f38] do_syscall_64 at ffffffff98a052fb\n\n crash> struct net_device.state ffff9a9d21336000\n state = 5,\n\nstate 5 is __LINK_STATE_START (0b1) and __LINK_STATE_NOCARRIER (0b100).\nThe device is not present, note lack of __LINK_STATE_PRESENT (0b10).\n\nThis is the same sort of panic as observed in commit 4224cfd7fb65\n(\"net-sysfs: add check for netdevice being present to speed_show\").\n\nThere are many other callers of __ethtool_get_link_ksettings() which\ndon't have a device presence check.\n\nMove this check into ethtool to protect all callers."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ethtool: comprobar la presencia del dispositivo al obtener la configuraci\u00f3n del enlace Un lector sysfs puede competir con un reinicio o eliminaci\u00f3n del dispositivo, intentando leer el estado del dispositivo cuando este no est\u00e1 realmente presente. p. ej.: [excepci\u00f3n RIP: qed_get_current_link+17] #8 [ffffb9e4f2907c48] qede_get_link_ksettings en ffffffffc07a994a [qede] #9 [ffffb9e4f2907cd8] __rh_call_get_link_ksettings en ffffffff992b01a3 #10 [ffffb9e4f2907d38] __ethtool_get_link_ksettings en ffffffff992b04e4 #11 [ffffb9e4f2907d90] duplex_show en ffffffff99260300 #12 [ffffb9e4f2907e38] dev_attr_show en ffffffff9905a01c #13 [ffffb9e4f2907e50] sysfs_kf_seq_show en ffffffff98e0145b #14 [ffffb9e4f2907e68] seq_read en ffffffff98d902e3 #15 [ffffb9e4f2907ec8] vfs_read en ffffffff98d657d1 #16 [ffffb9e4f2907f00] ksys_read en ffffffff98d65c3f #17 [ffffb9e4f2907f38] do_syscall_64 en ffffffff98a052fb bloqueo> estructura net_device.state ffff9a9d21336000 estado = 5, el estado 5 es __LINK_STATE_START (0b1) y __LINK_STATE_NOCARRIER (0b100). El dispositivo no est\u00e1 presente, note la falta de __LINK_STATE_PRESENT (0b10). Este es el mismo tipo de p\u00e1nico que se observa en el commit 4224cfd7fb65 (\"net-sysfs: agregar verificaci\u00f3n de presencia de netdevice a speed_show\"). Hay muchos otros invocadores de __ethtool_get_link_ksettings() que no tienen una verificaci\u00f3n de presencia de dispositivo. Mueva esta verificaci\u00f3n a ethtool para proteger a todos los invocadores."}], "id": "CVE-2024-46679", "lastModified": "2024-09-23T14:47:23.287", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-09-13T06:15:12.530", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/1d6d9b5b1b95bfeccb84386a51b7e6c510ec13b2"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/7a8d98b6d6484d3ad358510366022da080c37cbc"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/842a40c7273ba1c1cb30dda50405b328de1d860e"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/94ab317024ba373d37340893d1c0358638935fbb"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/9bba5955eed160102114d4cc00c3d399be9bdae4"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/a699781c79ecf6cfe67fb00a0331b4088c7c8466"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/ec7b4f7f644018ac293cb1b02528a40a32917e62"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2024:8856", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "kernel", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-11-05T00:00:00Z"}], "bugzilla": {"description": "kernel: ethtool: check device is present when getting link settings", "id": "2312067", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312067"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.7", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-99", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nethtool: check device is present when getting link settings\nA sysfs reader can race with a device reset or removal, attempting to\nread device state when the device is not actually present. eg:\n[exception RIP: qed_get_current_link+17]\n#8 [ffffb9e4f2907c48] qede_get_link_ksettings at ffffffffc07a994a [qede]\n#9 [ffffb9e4f2907cd8] __rh_call_get_link_ksettings at ffffffff992b01a3\n#10 [ffffb9e4f2907d38] __ethtool_get_link_ksettings at ffffffff992b04e4\n#11 [ffffb9e4f2907d90] duplex_show at ffffffff99260300\n#12 [ffffb9e4f2907e38] dev_attr_show at ffffffff9905a01c\n#13 [ffffb9e4f2907e50] sysfs_kf_seq_show at ffffffff98e0145b\n#14 [ffffb9e4f2907e68] seq_read at ffffffff98d902e3\n#15 [ffffb9e4f2907ec8] vfs_read at ffffffff98d657d1\n#16 [ffffb9e4f2907f00] ksys_read at ffffffff98d65c3f\n#17 [ffffb9e4f2907f38] do_syscall_64 at ffffffff98a052fb\ncrash> struct net_device.state ffff9a9d21336000\nstate = 5,\nstate 5 is __LINK_STATE_START (0b1) and __LINK_STATE_NOCARRIER (0b100).\nThe device is not present, note lack of __LINK_STATE_PRESENT (0b10).\nThis is the same sort of panic as observed in commit 4224cfd7fb65\n(\"net-sysfs: add check for netdevice being present to speed_show\").\nThere are many other callers of __ethtool_get_link_ksettings() which\ndon't have a device presence check.\nMove this check into ethtool to protect all callers.", "A flaw was found in ethtool in the Linux kernel, where sysfs reader getting link settings can attempt to read the device state on a device that is not present, leading to a crash."], "name": "CVE-2024-46679", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Will not fix", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Will not fix", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-09-13T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-46679\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-46679\nhttps://lore.kernel.org/linux-cve-announce/2024091336-CVE-2024-46679-3527@gregkh/T"], "threat_severity": "Moderate"}

{}