Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-38616

Summary
Assigner-Linux
Assigner Org ID-416baaa9-dc9f-4396-8d5f-8c081fb06d67
Published At-19 Jun, 2024 | 13:56
Updated At-04 May, 2025 | 09:15
Rejected At-
Credits

wifi: carl9170: re-fix fortified-memset warning

In the Linux kernel, the following vulnerability has been resolved: wifi: carl9170: re-fix fortified-memset warning The carl9170_tx_release() function sometimes triggers a fortified-memset warning in my randconfig builds: In file included from include/linux/string.h:254, from drivers/net/wireless/ath/carl9170/tx.c:40: In function 'fortify_memset_chk', inlined from 'carl9170_tx_release' at drivers/net/wireless/ath/carl9170/tx.c:283:2, inlined from 'kref_put' at include/linux/kref.h:65:3, inlined from 'carl9170_tx_put_skb' at drivers/net/wireless/ath/carl9170/tx.c:342:9: include/linux/fortify-string.h:493:25: error: call to '__write_overflow_field' declared with attribute warning: detected write beyond size of field (1st parameter); maybe use struct_group()? [-Werror=attribute-warning] 493 | __write_overflow_field(p_size_field, size); Kees previously tried to avoid this by using memset_after(), but it seems this does not fully address the problem. I noticed that the memset_after() here is done on a different part of the union (status) than the original cast was from (rate_driver_data), which may confuse the compiler. Unfortunately, the memset_after() trick does not work on driver_rates[] because that is part of an anonymous struct, and I could not get struct_group() to do this either. Using two separate memset() calls on the two members does address the warning though.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:Linux
Assigner Org ID:416baaa9-dc9f-4396-8d5f-8c081fb06d67
Published At:19 Jun, 2024 | 13:56
Updated At:04 May, 2025 | 09:15
Rejected At:
▼CVE Numbering Authority (CNA)
wifi: carl9170: re-fix fortified-memset warning

In the Linux kernel, the following vulnerability has been resolved: wifi: carl9170: re-fix fortified-memset warning The carl9170_tx_release() function sometimes triggers a fortified-memset warning in my randconfig builds: In file included from include/linux/string.h:254, from drivers/net/wireless/ath/carl9170/tx.c:40: In function 'fortify_memset_chk', inlined from 'carl9170_tx_release' at drivers/net/wireless/ath/carl9170/tx.c:283:2, inlined from 'kref_put' at include/linux/kref.h:65:3, inlined from 'carl9170_tx_put_skb' at drivers/net/wireless/ath/carl9170/tx.c:342:9: include/linux/fortify-string.h:493:25: error: call to '__write_overflow_field' declared with attribute warning: detected write beyond size of field (1st parameter); maybe use struct_group()? [-Werror=attribute-warning] 493 | __write_overflow_field(p_size_field, size); Kees previously tried to avoid this by using memset_after(), but it seems this does not fully address the problem. I noticed that the memset_after() here is done on a different part of the union (status) than the original cast was from (rate_driver_data), which may confuse the compiler. Unfortunately, the memset_after() trick does not work on driver_rates[] because that is part of an anonymous struct, and I could not get struct_group() to do this either. Using two separate memset() calls on the two members does address the warning though.

Affected Products
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • drivers/net/wireless/ath/carl9170/tx.c
Default Status
unaffected
Versions
Affected
  • From fb5f6a0e8063b7a84d6d44ef353846ccd7708d2e before 13857683126e8a6492af73c74d702835f7a2175b (git)
  • From fb5f6a0e8063b7a84d6d44ef353846ccd7708d2e before 87586467098281f04fa93e59fe3a516b954bddc4 (git)
  • From fb5f6a0e8063b7a84d6d44ef353846ccd7708d2e before 0c38c9c460bb8ce8d6f6cf316e0d71a70983ec83 (git)
  • From fb5f6a0e8063b7a84d6d44ef353846ccd7708d2e before 042a39bb8e0812466327a5102606e88a5a4f8c02 (git)
  • From fb5f6a0e8063b7a84d6d44ef353846ccd7708d2e before 066afafc10c9476ee36c47c9062527a17e763901 (git)
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • drivers/net/wireless/ath/carl9170/tx.c
Default Status
affected
Versions
Affected
  • 5.17
Unaffected
  • From 0 before 5.17 (semver)
  • From 6.1.93 through 6.1.* (semver)
  • From 6.6.33 through 6.6.* (semver)
  • From 6.8.12 through 6.8.* (semver)
  • From 6.9.3 through 6.9.* (semver)
  • From 6.10 through * (original_commit_for_fix)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://git.kernel.org/stable/c/13857683126e8a6492af73c74d702835f7a2175b
N/A
https://git.kernel.org/stable/c/87586467098281f04fa93e59fe3a516b954bddc4
N/A
https://git.kernel.org/stable/c/0c38c9c460bb8ce8d6f6cf316e0d71a70983ec83
N/A
https://git.kernel.org/stable/c/042a39bb8e0812466327a5102606e88a5a4f8c02
N/A
https://git.kernel.org/stable/c/066afafc10c9476ee36c47c9062527a17e763901
N/A
Hyperlink: https://git.kernel.org/stable/c/13857683126e8a6492af73c74d702835f7a2175b
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/87586467098281f04fa93e59fe3a516b954bddc4
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/0c38c9c460bb8ce8d6f6cf316e0d71a70983ec83
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/042a39bb8e0812466327a5102606e88a5a4f8c02
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/066afafc10c9476ee36c47c9062527a17e763901
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Vendor
Linux Kernel Organization, Inclinux
Product
linux_kernel
CPEs
  • cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From fb5f6a0e8063 before 13857683126e (custom)
Vendor
Linux Kernel Organization, Inclinux
Product
linux_kernel
CPEs
  • cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From fb5f6a0e8063 before 875864670982 (custom)
Vendor
Linux Kernel Organization, Inclinux
Product
linux_kernel
CPEs
  • cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From fb5f6a0e8063 before 0c38c9c460bb (custom)
Vendor
Linux Kernel Organization, Inclinux
Product
linux_kernel
CPEs
  • cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From fb5f6a0e8063 before 042a39bb8e08 (custom)
Vendor
Linux Kernel Organization, Inclinux
Product
linux_kernel
CPEs
  • cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From fb5f6a0e8063 before 066afafc10c9 (custom)
Vendor
Linux Kernel Organization, Inclinux
Product
linux_kernel
CPEs
  • cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • 5.17
Vendor
Linux Kernel Organization, Inclinux
Product
linux_kernel
CPEs
  • cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Unaffected
  • From 0 before 5.17 (custom)
Vendor
Linux Kernel Organization, Inclinux
Product
linux_kernel
CPEs
  • cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Unaffected
  • From 6.1.93 through 6.2 (custom)
Vendor
Linux Kernel Organization, Inclinux
Product
linux_kernel
CPEs
  • cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Unaffected
  • From 6.6.33 through 6.7 (custom)
Vendor
Linux Kernel Organization, Inclinux
Product
linux_kernel
CPEs
  • cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Unaffected
  • From 6.8.12 through 6.9 (custom)
Vendor
Linux Kernel Organization, Inclinux
Product
linux_kernel
CPEs
  • cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Unaffected
  • From 6.9.3 t through 6.10 (custom)
Vendor
Linux Kernel Organization, Inclinux
Product
linux_kernel
CPEs
  • cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Unaffected
  • 6.10_rc1
Problem Types
TypeCWE IDDescription
CWECWE-400CWE-400 Uncontrolled Resource Consumption
Type: CWE
CWE ID: CWE-400
Description: CWE-400 Uncontrolled Resource Consumption
Metrics
VersionBase scoreBase severityVector
3.18.2HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
Version: 3.1
Base score: 8.2
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
2. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://git.kernel.org/stable/c/13857683126e8a6492af73c74d702835f7a2175b
x_transferred
https://git.kernel.org/stable/c/87586467098281f04fa93e59fe3a516b954bddc4
x_transferred
https://git.kernel.org/stable/c/0c38c9c460bb8ce8d6f6cf316e0d71a70983ec83
x_transferred
https://git.kernel.org/stable/c/042a39bb8e0812466327a5102606e88a5a4f8c02
x_transferred
https://git.kernel.org/stable/c/066afafc10c9476ee36c47c9062527a17e763901
x_transferred
Hyperlink: https://git.kernel.org/stable/c/13857683126e8a6492af73c74d702835f7a2175b
Resource:
x_transferred
Hyperlink: https://git.kernel.org/stable/c/87586467098281f04fa93e59fe3a516b954bddc4
Resource:
x_transferred
Hyperlink: https://git.kernel.org/stable/c/0c38c9c460bb8ce8d6f6cf316e0d71a70983ec83
Resource:
x_transferred
Hyperlink: https://git.kernel.org/stable/c/042a39bb8e0812466327a5102606e88a5a4f8c02
Resource:
x_transferred
Hyperlink: https://git.kernel.org/stable/c/066afafc10c9476ee36c47c9062527a17e763901
Resource:
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:416baaa9-dc9f-4396-8d5f-8c081fb06d67
Published At:19 Jun, 2024 | 14:15
Updated At:01 Apr, 2025 | 18:27

In the Linux kernel, the following vulnerability has been resolved: wifi: carl9170: re-fix fortified-memset warning The carl9170_tx_release() function sometimes triggers a fortified-memset warning in my randconfig builds: In file included from include/linux/string.h:254, from drivers/net/wireless/ath/carl9170/tx.c:40: In function 'fortify_memset_chk', inlined from 'carl9170_tx_release' at drivers/net/wireless/ath/carl9170/tx.c:283:2, inlined from 'kref_put' at include/linux/kref.h:65:3, inlined from 'carl9170_tx_put_skb' at drivers/net/wireless/ath/carl9170/tx.c:342:9: include/linux/fortify-string.h:493:25: error: call to '__write_overflow_field' declared with attribute warning: detected write beyond size of field (1st parameter); maybe use struct_group()? [-Werror=attribute-warning] 493 | __write_overflow_field(p_size_field, size); Kees previously tried to avoid this by using memset_after(), but it seems this does not fully address the problem. I noticed that the memset_after() here is done on a different part of the union (status) than the original cast was from (rate_driver_data), which may confuse the compiler. Unfortunately, the memset_after() trick does not work on driver_rates[] because that is part of an anonymous struct, and I could not get struct_group() to do this either. Using two separate memset() calls on the two members does address the warning though.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.18.2HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
Type: Secondary
Version: 3.1
Base score: 8.2
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
CPE Matches
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 5.17(inclusive) to 6.1.93(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 6.2(inclusive) to 6.6.33(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 6.7(inclusive) to 6.8.12(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 6.9(inclusive) to 6.9.3(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-400Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: CWE-400
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://git.kernel.org/stable/c/042a39bb8e0812466327a5102606e88a5a4f8c02416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/066afafc10c9476ee36c47c9062527a17e763901416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/0c38c9c460bb8ce8d6f6cf316e0d71a70983ec83416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/13857683126e8a6492af73c74d702835f7a2175b416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/87586467098281f04fa93e59fe3a516b954bddc4416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
https://git.kernel.org/stable/c/042a39bb8e0812466327a5102606e88a5a4f8c02af854a3a-2127-422b-91ae-364da2661108
Patch
https://git.kernel.org/stable/c/066afafc10c9476ee36c47c9062527a17e763901af854a3a-2127-422b-91ae-364da2661108
Patch
https://git.kernel.org/stable/c/0c38c9c460bb8ce8d6f6cf316e0d71a70983ec83af854a3a-2127-422b-91ae-364da2661108
Patch
https://git.kernel.org/stable/c/13857683126e8a6492af73c74d702835f7a2175baf854a3a-2127-422b-91ae-364da2661108
Patch
https://git.kernel.org/stable/c/87586467098281f04fa93e59fe3a516b954bddc4af854a3a-2127-422b-91ae-364da2661108
Patch
Hyperlink: https://git.kernel.org/stable/c/042a39bb8e0812466327a5102606e88a5a4f8c02
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/066afafc10c9476ee36c47c9062527a17e763901
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/0c38c9c460bb8ce8d6f6cf316e0d71a70983ec83
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/13857683126e8a6492af73c74d702835f7a2175b
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/87586467098281f04fa93e59fe3a516b954bddc4
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/042a39bb8e0812466327a5102606e88a5a4f8c02
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/066afafc10c9476ee36c47c9062527a17e763901
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/0c38c9c460bb8ce8d6f6cf316e0d71a70983ec83
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/13857683126e8a6492af73c74d702835f7a2175b
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: https://git.kernel.org/stable/c/87586467098281f04fa93e59fe3a516b954bddc4
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch

Change History

0
Information is not available yet

Similar CVEs

105Records found
CVE-2023-25568
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.2||HIGH
EPSS-0.58% / 68.54%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 00:00
Updated-13 Feb, 2025 | 16:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Boxo bitswap/server: DOS unbounded persistent memory leak

Boxo, formerly known as go-libipfs, is a library for building IPFS applications and implementations. In versions 0.4.0 and 0.5.0, if an attacker is able allocate arbitrary many bytes in the Bitswap server, those allocations are lasting even if the connection is closed. This affects users accepting untrusted connections with the Bitswap server and also affects users using the old API stubs at `github.com/ipfs/go-libipfs/bitswap` because users then transitively import `github.com/ipfs/go-libipfs/bitswap/server`. Boxo versions 0.6.0 and 0.4.1 contain a patch for this issue. As a workaround, those who are using the stub object at `github.com/ipfs/go-libipfs/bitswap` not taking advantage of the features provided by the server can refactor their code to use the new split API that will allow them to run in a client only mode: `github.com/ipfs/go-libipfs/bitswap/client`.

Action-Not Available
Vendor-protocolipfs
Product-boxoboxo
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2019-9583
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.2||HIGH
EPSS-0.15% / 35.07%
||
7 Day CHG~0.00%
Published-14 Aug, 2019 | 19:47
Updated-04 Aug, 2024 | 21:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

eQ-3 Homematic CCU2 and CCU3 obtain session IDs without login. This allows a Denial of Service and is a starting point for other attacks. Affected versions for CCU2: 2.35.16, 2.41.5, 2.41.8, 2.41.9, 2.45.6, 2.45.7, 2.47.10, 2.47.12, 2.47.15. Affected versions for CCU3: 3.41.11, 3.43.16, 3.45.5, 3.45.7, 3.47.10, 3.47.15.

Action-Not Available
Vendor-eq-3n/a
Product-homematic_ccu2_firmwarehomematic_ccu3_firmwarehomematic_ccu3homematic_ccu2n/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2025-10932
Matching Score-4
Assigner-Progress Software Corporation
ShareView Details
Matching Score-4
Assigner-Progress Software Corporation
CVSS Score-8.2||HIGH
EPSS-0.02% / 4.46%
||
7 Day CHG-0.00%
Published-29 Oct, 2025 | 14:12
Updated-30 Oct, 2025 | 15:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
AS2 module allows uncontrolled file uploads

Uncontrolled Resource Consumption vulnerability in Progress MOVEit Transfer (AS2 module).This issue affects MOVEit Transfer: from 2025.0.0 before 2025.0.3, from 2024.1.0 before 2024.1.7, from 2023.1.0 before 2023.1.16.

Action-Not Available
Vendor-Progress Software Corporation
Product-MOVEit Transfer
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2024-53647
Matching Score-4
Assigner-Trend Micro, Inc.
ShareView Details
Matching Score-4
Assigner-Trend Micro, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.10% / 26.63%
||
7 Day CHG~0.00%
Published-31 Dec, 2024 | 16:14
Updated-29 Sep, 2025 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Trend Micro ID Security, version 3.0 and below contains a vulnerability that could allow an attacker to send an unlimited number of email verification requests without any restriction, potentially leading to abuse or denial of service.

Action-Not Available
Vendor-Apple Inc.Google LLCTrend Micro Incorporated
Product-androidiphone_osid_securityTrend Micro ID Security
CWE ID-CWE-307
Improper Restriction of Excessive Authentication Attempts
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2022-2741
Matching Score-4
Assigner-Zephyr Project
ShareView Details
Matching Score-4
Assigner-Zephyr Project
CVSS Score-8.2||HIGH
EPSS-0.32% / 54.40%
||
7 Day CHG~0.00%
Published-31 Oct, 2022 | 17:45
Updated-05 May, 2025 | 14:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
can: denial-of-service can be triggered by a crafted CAN frame

The denial-of-service can be triggered by transmitting a carefully crafted CAN frame on the same CAN network as the vulnerable node. The frame must have a CAN ID matching an installed filter in the vulnerable node (this can easily be guessed based on CAN traffic analyses). The frame must contain the opposite RTR bit as what the filter installed in the vulnerable node contains (if the filter matches RTR frames, the frame must be a data frame or vice versa).

Action-Not Available
Vendor-Zephyr Project
Product-zephyrzephyr
CWE ID-CWE-400
Uncontrolled Resource Consumption
  • Previous
  • 1
  • 2
  • 3
  • Next
Details not found