CVE-2024-40968

MIPS: Octeon: Add PCIe link status check

Description

In the Linux kernel, the following vulnerability has been resolved: MIPS: Octeon: Add PCIe link status check The standard PCIe configuration read-write interface is used to access the configuration space of the peripheral PCIe devices of the mips processor after the PCIe link surprise down, it can generate kernel panic caused by "Data bus error". So it is necessary to add PCIe link status check for system protection. When the PCIe link is down or in training, assigning a value of 0 to the configuration address can prevent read-write behavior to the configuration space of peripheral PCIe devices, thereby preventing kernel panic.

N/A
CVSS
Severity:
EPSS 0.26%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/6bff05aaa32c2f7e1f6e68e890876642159db419
https://git.kernel.org/stable/c/64845ac64819683ad5e51b668b2ed56ee3386aee
https://git.kernel.org/stable/c/6c1b9fe148a4e03bbfa234267ebb89f35285814a
https://git.kernel.org/stable/c/25998f5613159fe35920dbd484fcac7ea3ad0799
https://git.kernel.org/stable/c/d996deb80398a90dd3c03590e68dad543da87d62
https://git.kernel.org/stable/c/1c33fd17383f48f679186c54df78542106deeaa0
https://git.kernel.org/stable/c/38d647d509543e9434b3cc470b914348be271fe9
https://git.kernel.org/stable/c/29b83a64df3b42c88c0338696feb6fdcd7f1f3b7

Frequently Asked Questions

What is the severity of CVE-2024-40968?
CVE-2024-40968 has not yet been assigned a CVSS score.
How to fix CVE-2024-40968?
To fix CVE-2024-40968, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-40968 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2024-40968 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-40968?
CVE-2024-40968 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.