CVE-2024-49977

net: stmmac: Fix zero-division error when disabling tc cbs

Description

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Fix zero-division error when disabling tc cbs The commit b8c43360f6e4 ("net: stmmac: No need to calculate speed divider when offload is disabled") allows the "port_transmit_rate_kbps" to be set to a value of 0, which is then passed to the "div_s64" function when tc-cbs is disabled. This leads to a zero-division error. When tc-cbs is disabled, the idleslope, sendslope, and credit values the credit values are not required to be configured. Therefore, adding a return statement after setting the txQ mode to DCB when tc-cbs is disabled would prevent a zero-division error.

Category

5.5
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.04%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/e33fe25b1efe4f2e6a5858786dbc82ae4c44ed4c patch
https://git.kernel.org/stable/c/b0da9504a528f05f97d926b4db74ff21917a33e9 patch
https://git.kernel.org/stable/c/5d43e1ad4567d67af2b42d3ab7c14152ffed25c6 patch
https://git.kernel.org/stable/c/03582f4752427f60817d896f1a827aff772bd31e patch
https://git.kernel.org/stable/c/e297a2bf56d12fd7f91a0c209eb6ea84361f3368 patch
https://git.kernel.org/stable/c/837d9df9c0792902710149d1a5e0991520af0f93 patch
https://git.kernel.org/stable/c/675faf5a14c14a2be0b870db30a70764df81e2df patch

Frequently Asked Questions

What is the severity of CVE-2024-49977?
CVE-2024-49977 has been scored as a medium severity vulnerability.
How to fix CVE-2024-49977?
To fix CVE-2024-49977, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-49977 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2024-49977 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-49977?
CVE-2024-49977 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.