CVE-2024-36974

net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP

Description

In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP If one TCA_TAPRIO_ATTR_PRIOMAP attribute has been provided, taprio_parse_mqprio_opt() must validate it, or userspace can inject arbitrary data to the kernel, the second time taprio_change() is called. First call (with valid attributes) sets dev->num_tc to a non zero value. Second call (with arbitrary mqprio attributes) returns early from taprio_parse_mqprio_opt() and bad things can happen.

N/A
CVSS
Severity:
EPSS 0.11%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/c6041e7124464ce7e896ee3f912897ce88a0c4ec
https://git.kernel.org/stable/c/6db4af09987cc5d5f0136bd46148b0e0460dae5b
https://git.kernel.org/stable/c/d3dde4c217f0c31ab0621912e682b57e677dd923
https://git.kernel.org/stable/c/0bf6cc96612bd396048f57d63f1ad454a846e39c
https://git.kernel.org/stable/c/724050ae4b76e4fae05a923cb54101d792cf4404
https://git.kernel.org/stable/c/c37a27a35eadb59286c9092c49c241270c802ae2
https://git.kernel.org/stable/c/f921a58ae20852d188f70842431ce6519c4fdc36

Frequently Asked Questions

What is the severity of CVE-2024-36974?
CVE-2024-36974 has not yet been assigned a CVSS score.
How to fix CVE-2024-36974?
To fix CVE-2024-36974, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-36974 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2024-36974 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-36974?
CVE-2024-36974 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.