CVE-2024-53162 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: crypto: qat/qat_4xxx - fix off by one in uof_get_name() The fw_objs[] array has "num_objs" elements so the > needs to be >= to prevent an out of bounds read.

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/05c9a7a5344425860202a8f3efea4d8ed2d10edb
https://git.kernel.org/stable/c/475b5098043eef6e72751aadeab687992a5b63d1
https://git.kernel.org/stable/c/700852528fc5295897d6089eea0656d67f9b9d88
https://git.kernel.org/stable/c/e69d2845aaa080960f38761f78fd25aa856620c6
https://lore.kernel.org/linux-cve-announce/2024122431-CVE-2024-53162-25cd@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2024-53162
https://www.cve.org/CVERecord?id=CVE-2024-53162

History

Thu, 26 Dec 2024 02:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-125
Metrics	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}` threat_severity `Important`	cvssV3_1 `{'score': 5.3, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H'}` threat_severity `Moderate`

Wed, 25 Dec 2024 13:30:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2024122431-CVE-2024-53162-25cd@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2024-53162 https://www.cve.org/CVERecord?id=CVE-2024-53162
Metrics	threat_severity `None`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}` threat_severity `Important`

Tue, 24 Dec 2024 11:45:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: crypto: qat/qat_4xxx - fix off by one in uof_get_name() The fw_objs[] array has "num_objs" elements so the > needs to be >= to prevent an out of bounds read.
Title		crypto: qat/qat_4xxx - fix off by one in uof_get_name()
References		https://git.kernel.org/stable/c/05c9a7a5344425860202a8f3efea4d8ed2d10edb https://git.kernel.org/stable/c/475b5098043eef6e72751aadeab687992a5b63d1 https://git.kernel.org/stable/c/700852528fc5295897d6089eea0656d67f9b9d88 https://git.kernel.org/stable/c/e69d2845aaa080960f38761f78fd25aa856620c6

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-12-24T11:29:10.439Z

Updated: 2025-01-20T06:20:06.543Z

Reserved: 2024-11-19T17:17:25.003Z

Link: CVE-2024-53162

Vulnrichment

No data.

NVD

Status : Received

Published: 2024-12-24T12:15:24.567

Modified: 2024-12-24T12:15:24.567

Link: CVE-2024-53162

Redhat

Severity : Moderate

Publid Date: 2024-12-24T00:00:00Z

Links: CVE-2024-53162 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-53162", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-11-19T17:17:25.003Z", "datePublished": "2024-12-24T11:29:10.439Z", "dateUpdated": "2025-01-20T06:20:06.543Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-01-20T06:20:06.543Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat/qat_4xxx - fix off by one in uof_get_name()\n\nThe fw_objs[] array has \"num_objs\" elements so the > needs to be >= to\nprevent an out of bounds read."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/crypto/intel/qat/qat_4xxx/adf_4xxx_hw_data.c"], "versions": [{"version": "10484c647af6b1952d1675e83be9cc976cdb6a96", "lessThan": "05c9a7a5344425860202a8f3efea4d8ed2d10edb", "status": "affected", "versionType": "git"}, {"version": "10484c647af6b1952d1675e83be9cc976cdb6a96", "lessThan": "e69d2845aaa080960f38761f78fd25aa856620c6", "status": "affected", "versionType": "git"}, {"version": "10484c647af6b1952d1675e83be9cc976cdb6a96", "lessThan": "700852528fc5295897d6089eea0656d67f9b9d88", "status": "affected", "versionType": "git"}, {"version": "10484c647af6b1952d1675e83be9cc976cdb6a96", "lessThan": "475b5098043eef6e72751aadeab687992a5b63d1", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/crypto/intel/qat/qat_4xxx/adf_4xxx_hw_data.c"], "versions": [{"version": "6.5", "status": "affected"}, {"version": "0", "lessThan": "6.5", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.64", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.11.11", "lessThanOrEqual": "6.11.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.2", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.13", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/05c9a7a5344425860202a8f3efea4d8ed2d10edb"}, {"url": "https://git.kernel.org/stable/c/e69d2845aaa080960f38761f78fd25aa856620c6"}, {"url": "https://git.kernel.org/stable/c/700852528fc5295897d6089eea0656d67f9b9d88"}, {"url": "https://git.kernel.org/stable/c/475b5098043eef6e72751aadeab687992a5b63d1"}], "title": "crypto: qat/qat_4xxx - fix off by one in uof_get_name()", "x_generator": {"engine": "bippy-5f407fcff5a0"}}}}

{"bugzilla": {"description": "kernel: crypto: qat/qat_4xxx - fix off by one in uof_get_name()", "id": "2333981", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333981"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.3", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "status": "draft"}, "cwe": "CWE-125", "details": ["In the Linux kernel, the following vulnerability has been resolved:\ncrypto: qat/qat_4xxx - fix off by one in uof_get_name()\nThe fw_objs[] array has \"num_objs\" elements so the > needs to be >= to\nprevent an out of bounds read."], "mitigation": {"lang": "en:us", "value": "To mitigate this issue, prevent module qat_4xxx from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically."}, "name": "CVE-2024-53162", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-12-24T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-53162\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-53162\nhttps://lore.kernel.org/linux-cve-announce/2024122431-CVE-2024-53162-25cd@gregkh/T"], "statement": "Actual only for latest versions of Red Hat Enterprise Linux 9. The security impact is limited, because read out of bounds could happen only for specific cases when qat/qat_4xxx crypto accelerator being used.", "threat_severity": "Moderate"}