Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: MIPS: Octeon: Add PCIe link status check The standard PCIe configuration read-write interface is used to access the configuration space of the peripheral PCIe devices of the mips processor after the PCIe link surprise down, it can generate kernel panic caused by "Data bus error". So it is necessary to add PCIe link status check for system protection. When the PCIe link is down or in training, assigning a value of 0 to the configuration address can prevent read-write behavior to the configuration space of peripheral PCIe devices, thereby preventing kernel panic.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | < 4.19.317 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/1c33fd17383f48f679186c54df78542106deeaa0Patch
- https://git.kernel.org/stable/c/25998f5613159fe35920dbd484fcac7ea3ad0799Patch
- https://git.kernel.org/stable/c/29b83a64df3b42c88c0338696feb6fdcd7f1f3b7Patch
- https://git.kernel.org/stable/c/38d647d509543e9434b3cc470b914348be271fe9Patch
- https://git.kernel.org/stable/c/64845ac64819683ad5e51b668b2ed56ee3386aeePatch
- https://git.kernel.org/stable/c/6bff05aaa32c2f7e1f6e68e890876642159db419Patch
- https://git.kernel.org/stable/c/6c1b9fe148a4e03bbfa234267ebb89f35285814aPatch
- https://git.kernel.org/stable/c/d996deb80398a90dd3c03590e68dad543da87d62Patch
- https://git.kernel.org/stable/c/1c33fd17383f48f679186c54df78542106deeaa0Patch
- https://git.kernel.org/stable/c/25998f5613159fe35920dbd484fcac7ea3ad0799Patch
- https://git.kernel.org/stable/c/29b83a64df3b42c88c0338696feb6fdcd7f1f3b7Patch
- https://git.kernel.org/stable/c/38d647d509543e9434b3cc470b914348be271fe9Patch
- https://git.kernel.org/stable/c/64845ac64819683ad5e51b668b2ed56ee3386aeePatch
- https://git.kernel.org/stable/c/6bff05aaa32c2f7e1f6e68e890876642159db419Patch
- https://git.kernel.org/stable/c/6c1b9fe148a4e03bbfa234267ebb89f35285814aPatch
FAQ
What is CVE-2024-40968?
CVE-2024-40968 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: MIPS: Octeon: Add PCIe link status check The standard PCIe configuration read-write interface is used to access the configuration ...
How severe is CVE-2024-40968?
CVE-2024-40968 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-40968?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.