CVE-2024-57838Resource Exposure in Linux

CWE-668Resource ExposureCWE-770Allocation of Resources Without Limits or Throttling55 documents6 sources
Severity
7.1HIGHNVD
OSV8.8OSV7.8
EPSS
0.0%
top 97.37%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
LinuxLinux KernelDebian Linux+1 more
Timeline
PublishedJan 11
Latest updateMay 26

Description

In the Linux kernel, the following vulnerability has been resolved: s390/entry: Mark IRQ entries to fix stack depot warnings The stack depot filters out everything outside of the top interrupt context as an uninteresting or irrelevant part of the stack traces. This helps with stack trace de-duplication, avoiding an explosion of saved stack traces that share the same IRQ context code path but originate from different randomly interrupted points, eventually exhausting the stack depot. Filtering

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:HExploitability: 1.8 | Impact: 5.2

Affected Packages6 packages

NVDlinux/linux_kernel5.166.1.120+3
Debianlinux/linux_kernel< 6.1.123-1+2
Ubuntulinux/linux_kernel< 5.15.0-135.146+1
CVEListV5linux/linuxe940066089490efde86abc519593be84362f4e535bb7a2c3afcf8732dc65ea49c09147b07da1d993+4
debiandebian/linux< linux 6.1.123-1 (bookworm)

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

27
OSV
linux-raspi vulnerabilities2025-05-26
OSV
linux-raspi-realtime vulnerabilities2025-05-20
OSV
linux-gcp-5.15 vulnerabilities2025-04-28
OSV
linux-azure-nvidia vulnerabilities2025-04-28
OSV
linux-intel-iotg-5.15 vulnerabilities2025-04-24

📋Vendor Advisories

27
Ubuntu
Linux kernel (Raspberry Pi) vulnerabilities2025-05-26
Ubuntu
Linux kernel (Raspberry Pi Real-time) vulnerabilities2025-05-20
Ubuntu
Linux kernel (GCP) vulnerabilities2025-04-28
Ubuntu
Linux kernel (Azure, N-Series) vulnerabilities2025-04-28
Ubuntu
Linux kernel (IBM) vulnerabilities2025-04-24