Updated: 2026-02-27 02:20:59.10654
Description:
In the Linux kernel, the following vulnerability has been resolved: net: hns3: void array out of bound when loop tnl_num When query reg inf of SSU, it loops tnl_num times. However, tnl_num comes from hardware and the length of array is a fixed value. To void array out of bound, make sure the loop time is not greater than the length of array
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | 0.0 | |
| CVSS Version 3.x | HIGH | 7.8 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| AlmaLinux 9.2 ESU | kernel | 5.14.0 | 7.8 | HIGH | Not Vulnerable | 2024-10-16 23:53:18 | Not affected: this flaw is specific to the Hisilicon hns3 driver’s SSU register-info query loop th... | |
| CentOS 6 ELS | kernel | 2.6.32 | 7.8 | HIGH | Not Vulnerable | 2024-10-16 23:53:19 | CVE-2024-46833 targets the Hisilicon hns3 Ethernet driver’s SSU register-query path, where a hardw... | |
| CentOS 7 ELS | kernel | 3.10.0 | 7.8 | HIGH | Not Vulnerable | 2024-10-16 23:53:16 | Not affected: CVE-2024-46833 targets the Hisilicon hns3 Ethernet driver’s SSU register query path ... | |
| CentOS 8.4 ELS | kernel | 4.18.0 | 7.8 | HIGH | Not Vulnerable | 2024-10-16 23:53:16 | Not affected. CVE‑2024‑46833 targets an out‑of‑bounds loop in the HNS3 driver’s error‑ha... | |
| CentOS 8.5 ELS | kernel | 4.18.0 | 7.8 | HIGH | Not Vulnerable | 2024-10-16 23:53:17 | Not affected. CVE‑2024‑46833 targets an out‑of‑bounds loop in the HNS3 driver’s error‑ha... | |
| CentOS Stream 8 ELS | kernel | 4.18.0 | 7.8 | HIGH | Not Vulnerable | 2024-10-16 23:53:15 | Not affected. CVE‑2024‑46833 targets an out‑of‑bounds loop in the HNS3 driver’s error‑ha... | |
| CloudLinux 6 ELS | kernel | 2.6.32 | 7.8 | HIGH | Not Vulnerable | 2024-10-16 23:53:18 | ||
| CloudLinux 7 ELS | kernel | 3.10.0 | 7.8 | HIGH | Not Vulnerable | 2024-10-16 23:53:15 | Not affected: CVE-2024-46833 targets the Hisilicon hns3 Ethernet driver’s SSU register query path ... | |
| Oracle Linux 6 ELS | kernel | 2.6.32 | 7.8 | HIGH | Not Vulnerable | 2024-10-16 23:53:16 | CVE-2024-46833 targets the Hisilicon hns3 Ethernet driver’s SSU register-query path, where a hardw... | |
| Oracle Linux 7 ELS | kernel | 3.10.0 | 7.8 | HIGH | Not Vulnerable | 2025-05-12 04:24:55 | Not affected: CVE-2024-46833 targets the Hisilicon hns3 Ethernet driver’s SSU register query path ... |