CVE-2024-42291

ice: Add a per-VF limit on number of FDIR filters

Description

In the Linux kernel, the following vulnerability has been resolved: ice: Add a per-VF limit on number of FDIR filters While the iavf driver adds a s/w limit (128) on the number of FDIR filters that the VF can request, a malicious VF driver can request more than that and exhaust the resources for other VFs. Add a similar limit in ice.

N/A

CVSS

Severity:

EPSS 0.13%

Affected: Linux Linux

References

Link	Tags
https://git.kernel.org/stable/c/e81b674ead8e2172b2a69e7b45e079239ace4dbc
https://git.kernel.org/stable/c/8e02cd98a6e24389d476e28436d41e620ed8e559
https://git.kernel.org/stable/c/d62389073a5b937413e2d1bc1da06ccff5103c0c
https://git.kernel.org/stable/c/292081c4e7f575a79017d5cbe1a0ec042783976f
https://git.kernel.org/stable/c/6ebbe97a488179f5dc85f2f1e0c89b486e99ee97

Frequently Asked Questions

What is the severity of CVE-2024-42291?: CVE-2024-42291 has not yet been assigned a CVSS score.
How to fix CVE-2024-42291?: To fix CVE-2024-42291, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-42291 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2024-42291 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-42291?: CVE-2024-42291 affects Linux Linux, Linux Linux.

This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.