CVE-2024-42230Resource Injection in Linux

CWE-99Resource Injection52 documents7 sources
Severity
4.4MEDIUMNVD
OSV8.8OSV5.5
EPSS
0.0%
top 97.08%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
7
LinuxLinux KernelDebian Linux+4 more
Timeline
PublishedJul 30
Latest updateJul 18

Description

In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Fix scv instruction crash with kexec kexec on pseries disables AIL (reloc_on_exc), required for scv instruction support, before other CPUs have been shut down. This means they can execute scv instructions after AIL is disabled, which causes an interrupt at an unexpected entry location that crashes the kernel. Change the kexec sequence to disable AIL after other CPUs have been brought down. As a refresher, th

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:HExploitability: 0.8 | Impact: 3.6

Affected Packages9 packages

NVDlinux/linux_kernel5.96.1.98+3
Debianlinux/linux_kernel< 6.1.98-1+2
Ubuntulinux/linux_kernel< 5.15.0-142.152+1

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

25
OSV
linux-intel-iotg-5.15 vulnerabilities2025-07-18
OSV
linux-raspi vulnerabilities2025-07-17
OSV
linux-intel-iotg vulnerabilities2025-07-04
OSV
linux-xilinx-zynqmp vulnerabilities2025-06-26
OSV
linux-aws vulnerabilities2025-06-24

📋Vendor Advisories

26
Ubuntu
Linux kernel (Intel IoTG) vulnerabilities2025-07-18
Ubuntu
Linux kernel (Raspberry Pi) vulnerabilities2025-07-17
Ubuntu
Linux kernel (Intel IoTG) vulnerabilities2025-07-04
Ubuntu
Linux kernel (Xilinx ZynqMP) vulnerabilities2025-06-26
Ubuntu
Linux kernel (AWS) vulnerabilities2025-06-24