CNVD-2024-14770 — Vulnetix

CNVD-2024-14770 PUBLISHED CVSS 5.5 MEDIUM

Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在拒绝服务漏洞，该漏洞源于drivers/dpll/dpll_netlink.c中的dpll_pin_parent_pin_set()发现包含空指针取消引用。攻击者可利用该漏洞导致拒绝服务。

Risk Scores

CVSS 3.1

5.5

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products

Vendor	Product	Versions
Red Hat	Red Hat Enterprise Linux 7
Red Hat	Red Hat Enterprise Linux 8
Red Hat	Red Hat Enterprise Linux 9	0:5.14.0-362.18.1.el9_3, 0:5.14.0-362.18.1.el9_3
Red Hat	Red Hat Enterprise Linux 7
Red Hat	Red Hat Enterprise Linux 9
Red Hat	Red Hat Enterprise Linux 8
Red Hat	Red Hat Enterprise Linux 6
Red Hat	Red Hat Enterprise Linux 9.2 Extended Update Support	0:5.14.0-284.48.1.el9_2
Red Hat	Red Hat Enterprise Linux 9.2 Extended Update Support	0:5.14.0-284.48.1.rt14.333.el9_2

Exploit Intelligence

CIRCL seen: CVE-2023-6679 (circl-sighting)
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LSPIOMIJYTLZB6QKPQVVAYSUETUWKPF/ (circl)
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LBVHM4LGMFIHBN4UBESYRFMYX3WUICV5/ (circl)
RHSA-2024:0439 (circl)
RHSA-2024:0448 (circl)
RHSA-2024:0461 (circl)
https://access.redhat.com/security/cve/CVE-2023-6679 (circl)
RHBZ#2253986 (circl)
https://lore.kernel.org/netdev/20231211083758.1082853-1-jiri@resnulli.us/ (circl)

Timeline

Dec 11, 2023 CVE Published
Dec 13, 2023 CVE ID Reserved
Jan 1, 2024 PoC Published
May 31, 2026 Distribution Patch
May 31, 2026 Distribution Patch
May 31, 2026 Distribution Patch
May 31, 2026 Security Advisory
May 31, 2026 Security Advisory
May 31, 2026 Security Advisory

References

RHSA-2024:0439 vendor-advisory
RHSA-2024:0448 vendor-advisory
RHSA-2024:0461 vendor-advisory
https://access.redhat.com/security/cve/CVE-2023-6679 vdb
RHBZ#2253986 issue
https://lore.kernel.org/netdev/20231211083758.1082853-1-jiri@resnulli.us/ url
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LSPIOMIJYTLZB6QKPQVVAYSUETUWKPF/ url
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LBVHM4LGMFIHBN4UBESYRFMYX3WUICV5/ url

Open in Interactive Console →