Mondoo

Vulnerability Management
Technology
Services

Solutions

Financial Services
Manufacturing
Healthcare

Resources

Blog
Vulnerability Database
Documentation
GitHub

Company

About
Careers
Partners
Contact

Legal

Privacy
Terms
Imprint

CVE-2024-42291 | Mondoo Vulnerability Intelligence

Vulnerability IntelligenceCVE-2024-42291

CVE-2024-42291

MEDIUM5.5

ice: Add a per-VF limit on number of FDIR filters

Published Aug 17, 2024

Modified 5 months ago

Details

In the Linux kernel, the following vulnerability has been resolved:

ice: Add a per-VF limit on number of FDIR filters

While the iavf driver adds a s/w limit (128) on the number of FDIR filters that the VF can request, a malicious VF driver can request more than that and exhaust the resources for other VFs.

Add a similar limit in ice.

References

WEB

https://git.kernel.org/stable/c/292081c4e7f575a79017d5cbe1a0ec042783976f

WEB

https://git.kernel.org/stable/c/6ebbe97a488179f5dc85f2f1e0c89b486e99ee97

WEB

https://git.kernel.org/stable/c/8e02cd98a6e24389d476e28436d41e620ed8e559

WEB

https://git.kernel.org/stable/c/d62389073a5b937413e2d1bc1da06ccff5103c0c

WEB

https://git.kernel.org/stable/c/e81b674ead8e2172b2a69e7b45e079239ace4dbc

WEB

https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

ADVISORY

https://www.cve.org/CVERecord?id=CVE-2024-42291

CVSS Analysis

CVSS v3.1

5.5

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

LowAC:L

Privileges Required

LowPR:L

User Interaction

NoneUI:N

Scope

UnchangedS:U

Impact

Confidentiality

NoneC:N

Integrity

NoneI:N

Availability

HighA:H

5.5/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Ecosystems

Timeline

PublishedAug 17, 2024

ModifiedNov 3, 2025