{"timestamp":"2025-10-01T19:52:56.426501Z","id":"CVE-2024-57933","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}

[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/net/ethernet/google/gve/gve_main.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"fd8e40321a12391e6f554cc637d0c4b6109682a9","lessThan":"771d66f2bd8c4dba1286a9163ab982cecd825718","versionType":"git","status":"affected"},{"version":"fd8e40321a12391e6f554cc637d0c4b6109682a9","lessThan":"8e8d7037c89437af12725f454e2eaf40e8166c0f","versionType":"git","status":"affected"},{"version":"fd8e40321a12391e6f554cc637d0c4b6109682a9","lessThan":"40338d7987d810fcaa95c500b1068a52b08eec9b","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/net/ethernet/google/gve/gve_main.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.4","status":"affected"},{"version":"0","lessThan":"6.4","versionType":"semver","status":"unaffected"},{"version":"6.6.70","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.9","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.13","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-476

NIST AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

NIST CWE-476

OR
     *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.4 up to (excluding) 6.6.70
     *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.7 up to (excluding) 6.12.9
     *cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*
     *cpe:2.3:o:linux:linux_kernel:6.13:rc2:*:*:*:*:*:*
     *cpe:2.3:o:linux:linux_kernel:6.13:rc3:*:*:*:*:*:*
     *cpe:2.3:o:linux:linux_kernel:6.13:rc4:*:*:*:*:*:*
     *cpe:2.3:o:linux:linux_kernel:6.13:rc5:*:*:*:*:*:*

https://git.kernel.org/stable/c/40338d7987d810fcaa95c500b1068a52b08eec9b No Types Assigned

https://git.kernel.org/stable/c/40338d7987d810fcaa95c500b1068a52b08eec9b Patch

https://git.kernel.org/stable/c/771d66f2bd8c4dba1286a9163ab982cecd825718 No Types Assigned

https://git.kernel.org/stable/c/771d66f2bd8c4dba1286a9163ab982cecd825718 Patch

https://git.kernel.org/stable/c/8e8d7037c89437af12725f454e2eaf40e8166c0f No Types Assigned

https://git.kernel.org/stable/c/8e8d7037c89437af12725f454e2eaf40e8166c0f Patch

In the Linux kernel, the following vulnerability has been resolved:

gve: guard XSK operations on the existence of queues

This patch predicates the enabling and disabling of XSK pools on the
existence of queues. As it stands, if the interface is down, disabling
or enabling XSK pools would result in a crash, as the RX queue pointer
would be NULL. XSK pool registration will occur as part of the next
interface up.

Similarly, xsk_wakeup needs be guarded against queues disappearing
while the function is executing, so a check against the
GVE_PRIV_FLAGS_NAPI_ENABLED flag is added to synchronize with the
disabling of the bit and the synchronize_net() in gve_turndown.

https://git.kernel.org/stable/c/40338d7987d810fcaa95c500b1068a52b08eec9b

https://git.kernel.org/stable/c/771d66f2bd8c4dba1286a9163ab982cecd825718

https://git.kernel.org/stable/c/8e8d7037c89437af12725f454e2eaf40e8166c0f