{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-07T01:02:07.824","vulnerabilities":[{"cve":{"id":"CVE-2024-50094","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2024-11-05T17:15:06.733","lastModified":"2025-10-01T21:15:45.910","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nsfc: Don't invoke xdp_do_flush() from netpoll.\n\nYury reported a crash in the sfc driver originated from\nnetpoll_send_udp(). The netconsole sends a message and then netpoll\ninvokes the driver's NAPI function with a budget of zero. It is\ndedicated to allow driver to free TX resources, that it may have used\nwhile sending the packet.\n\nIn the netpoll case the driver invokes xdp_do_flush() unconditionally,\nleading to crash because bpf_net_context was never assigned.\n\nInvoke xdp_do_flush() only if budget is not zero."},{"lang":"es","value":" En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: sfc: No invoque xdp_do_flush() desde netpoll. Yury informó de un fallo en el controlador sfc originado desde netpoll_send_udp(). La netconsole envía un mensaje y luego netpoll invoca la función NAPI del controlador con un presupuesto de cero. Está dedicada a permitir que el controlador libere recursos TX, que puede haber usado al enviar el paquete. En el caso de netpoll, el controlador invoca xdp_do_flush() incondicionalmente, lo que provoca un fallo porque bpf_net_context nunca se asignó. Invoque xdp_do_flush() solo si el presupuesto no es cero."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.11","versionEndExcluding":"6.11.4","matchCriteriaId":"66F99BD9-E74F-4CC8-834E-B73BD4643C7B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*","matchCriteriaId":"7F361E1D-580F-4A2D-A509-7615F73167A1"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*","matchCriteriaId":"925478D0-3E3D-4E6F-ACD5-09F28D5DF82C"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/55e802468e1d38dec8e25a2fdb6078d45b647e8c","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/65d4fc76d75c136744e67754d20feda609e7b793","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}}]}