{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T17:06:19.605","vulnerabilities":[{"cve":{"id":"CVE-2024-46834","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2024-09-27T13:15:15.660","lastModified":"2024-10-09T15:57:03.037","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nethtool: fail closed if we can't get max channel used in indirection tables\n\nCommit 0d1b7d6c9274 (\"bnxt: fix crashes when reducing ring count with\nactive RSS contexts\") proves that allowing indirection table to contain\nchannels with out of bounds IDs may lead to crashes. Currently the\nmax channel check in the core gets skipped if driver can't fetch\nthe indirection table or when we can't allocate memory.\n\nBoth of those conditions should be extremely rare but if they do\nhappen we should try to be safe and fail the channel change."},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ethtool: error cerrado si no podemos obtener el canal máximo usado en las tablas de indirección. El commit 0d1b7d6c9274 (\"bnxt: corregir fallos al reducir el recuento de anillos con contextos RSS activos\") demuestra que permitir que la tabla de indirección contenga canales con identificadores fuera de los límites puede provocar fallos. Actualmente, la comprobación del canal máximo en el núcleo se omite si el controlador no puede obtener la tabla de indirección o cuando no podemos asignar memoria. Ambas condiciones deberían ser extremadamente raras, pero si ocurren, debemos intentar ser seguros y fallar el cambio de canal."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.10.10","matchCriteriaId":"75C6119D-9E8D-431D-813F-FE84579072CB"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/101737d8b88dbd4be6010bac398fe810f1950036","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/2899d58462ba868287d6ff3acad3675e7adf934f","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}}]}