CVE-2024-53162 - Vulnerability Details - OpenCVE

Description

In the Linux kernel, the following vulnerability has been resolved:

crypto: qat/qat_4xxx - fix off by one in uof_get_name()

The fw_objs[] array has "num_objs" elements so the > needs to be >= to
prevent an out of bounds read.

Published: 2024-12-24

Score: 7.1 High

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Linux

Linux

unaffected

Version	Status	Constraints
`10484c647af6b1952d1675e83be9cc976cdb6a96`	affected	< 05c9a7a5344425860202a8f3efea4d8ed2d10edb
`10484c647af6b1952d1675e83be9cc976cdb6a96`	affected	< e69d2845aaa080960f38761f78fd25aa856620c6
`10484c647af6b1952d1675e83be9cc976cdb6a96`	affected	< 700852528fc5295897d6089eea0656d67f9b9d88
`10484c647af6b1952d1675e83be9cc976cdb6a96`	affected	< 475b5098043eef6e72751aadeab687992a5b63d1

Linux

Linux

affected

Version	Status	Constraints
`6.5`	affected	—
`0`	unaffected	< 6.5
`6.6.64`	unaffected	≤ 6.6.*
`6.11.11`	unaffected	≤ 6.11.*
`6.12.2`	unaffected	≤ 6.12.*
`6.13`	unaffected	≤ *

Configuration 1 [-]

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

No data.

No data available yet.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
EUVD	EUVD-2024-51834	In the Linux kernel, the following vulnerability has been resolved: crypto: qat/qat_4xxx - fix off by one in uof_get_name() The fw_objs[] array has "num_objs" elements so the > needs to be >= to prevent an out of bounds read.
Ubuntu USN	USN-7276-1	Linux kernel vulnerabilities
Ubuntu USN	USN-7277-1	Linux kernel vulnerabilities
Ubuntu USN	USN-7310-1	Linux kernel vulnerabilities
Ubuntu USN	USN-7449-1	Linux kernel vulnerabilities
Ubuntu USN	USN-7449-2	Linux kernel (HWE) vulnerabilities
Ubuntu USN	USN-7450-1	Linux kernel vulnerabilities
Ubuntu USN	USN-7451-1	Linux kernel vulnerabilities
Ubuntu USN	USN-7452-1	Linux kernel vulnerabilities
Ubuntu USN	USN-7453-1	Linux kernel (Real-time) vulnerabilities
Ubuntu USN	USN-7468-1	Linux kernel (Azure, N-Series) vulnerabilities
Ubuntu USN	USN-7523-1	Linux kernel (Raspberry Pi Real-time) vulnerabilities
Ubuntu USN	USN-7524-1	Linux kernel (Raspberry Pi) vulnerabilities

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00017.

Exploitation none

Automatable no

Technical Impact partial

References

Link	Providers
https://git.kernel.org/stable/c/05c9a7a5344425860202a8f3efea4d8ed2d10edb
https://git.kernel.org/stable/c/475b5098043eef6e72751aadeab687992a5b63d1
https://git.kernel.org/stable/c/700852528fc5295897d6089eea0656d67f9b9d88
https://git.kernel.org/stable/c/e69d2845aaa080960f38761f78fd25aa856620c6
https://lore.kernel.org/linux-cve-announce/2024122431-CVE-2024-53162-25cd@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2024-53162
https://www.cve.org/CVERecord?id=CVE-2024-53162

History

Wed, 01 Oct 2025 20:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Wed, 16 Jul 2025 13:45:00 +0000

Type	Values Removed	Values Added
Metrics	epss `{'score': 0.00026}`	epss `{'score': 0.00027}`

Thu, 06 Mar 2025 13:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
Metrics	cvssV3_1 `{'score': 5.3, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H'}`	cvssV3_1 `{'score': 7.1, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H'}`

Thu, 26 Dec 2024 02:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-125
Metrics	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}` threat_severity `Important`	cvssV3_1 `{'score': 5.3, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H'}` threat_severity `Moderate`

Wed, 25 Dec 2024 13:30:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2024122431-CVE-2024-53162-25cd@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2024-53162 https://www.cve.org/CVERecord?id=CVE-2024-53162
Metrics	threat_severity `None`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}` threat_severity `Important`

Tue, 24 Dec 2024 11:45:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: crypto: qat/qat_4xxx - fix off by one in uof_get_name() The fw_objs[] array has "num_objs" elements so the > needs to be >= to prevent an out of bounds read.
Title		crypto: qat/qat_4xxx - fix off by one in uof_get_name()
References		https://git.kernel.org/stable/c/05c9a7a5344425860202a8f3efea4d8ed2d10edb https://git.kernel.org/stable/c/475b5098043eef6e72751aadeab687992a5b63d1 https://git.kernel.org/stable/c/700852528fc5295897d6089eea0656d67f9b9d88 https://git.kernel.org/stable/c/e69d2845aaa080960f38761f78fd25aa856620c6

Subscriptions

Linux Linux Kernel

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-12-24T11:29:10.439Z

Updated: 2026-05-11T20:52:02.459Z

Reserved: 2024-11-19T17:17:25.003Z

Link: CVE-2024-53162

Vulnrichment

Updated: 2025-10-01T15:36:23.137Z

NVD

Status : Modified

Published: 2024-12-24T12:15:24.567

Modified: 2025-10-01T21:16:38.627

Link: CVE-2024-53162

Redhat

Severity : Moderate

Publid Date: 2024-12-24T00:00:00Z

Links: CVE-2024-53162 - Bugzilla

OpenCVE Enrichment

No data.

Weaknesses

CWE-125

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2024-53162", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-11-19T17:17:25.003Z", "datePublished": "2024-12-24T11:29:10.439Z", "dateUpdated": "2026-05-11T20:52:02.459Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-11T20:52:02.459Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat/qat_4xxx - fix off by one in uof_get_name()\n\nThe fw_objs[] array has \"num_objs\" elements so the > needs to be >= to\nprevent an out of bounds read."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/crypto/intel/qat/qat_4xxx/adf_4xxx_hw_data.c"], "versions": [{"version": "10484c647af6b1952d1675e83be9cc976cdb6a96", "lessThan": "05c9a7a5344425860202a8f3efea4d8ed2d10edb", "status": "affected", "versionType": "git"}, {"version": "10484c647af6b1952d1675e83be9cc976cdb6a96", "lessThan": "e69d2845aaa080960f38761f78fd25aa856620c6", "status": "affected", "versionType": "git"}, {"version": "10484c647af6b1952d1675e83be9cc976cdb6a96", "lessThan": "700852528fc5295897d6089eea0656d67f9b9d88", "status": "affected", "versionType": "git"}, {"version": "10484c647af6b1952d1675e83be9cc976cdb6a96", "lessThan": "475b5098043eef6e72751aadeab687992a5b63d1", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/crypto/intel/qat/qat_4xxx/adf_4xxx_hw_data.c"], "versions": [{"version": "6.5", "status": "affected"}, {"version": "0", "lessThan": "6.5", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.64", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.11.11", "lessThanOrEqual": "6.11.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.2", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.13", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.5", "versionEndExcluding": "6.6.64"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.5", "versionEndExcluding": "6.11.11"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.5", "versionEndExcluding": "6.12.2"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.5", "versionEndExcluding": "6.13"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/05c9a7a5344425860202a8f3efea4d8ed2d10edb"}, {"url": "https://git.kernel.org/stable/c/e69d2845aaa080960f38761f78fd25aa856620c6"}, {"url": "https://git.kernel.org/stable/c/700852528fc5295897d6089eea0656d67f9b9d88"}, {"url": "https://git.kernel.org/stable/c/475b5098043eef6e72751aadeab687992a5b63d1"}], "title": "crypto: qat/qat_4xxx - fix off by one in uof_get_name()", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-53162", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-10-01T20:09:19.466365Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read"}]}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-01T20:17:07.954Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-53162", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-11-19T17:17:25.003Z", "datePublished": "2024-12-24T11:29:10.439Z", "dateUpdated": "2025-05-04T09:54:35.926Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T09:54:35.926Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat/qat_4xxx - fix off by one in uof_get_name()\n\nThe fw_objs[] array has \"num_objs\" elements so the > needs to be >= to\nprevent an out of bounds read."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/crypto/intel/qat/qat_4xxx/adf_4xxx_hw_data.c"], "versions": [{"version": "10484c647af6b1952d1675e83be9cc976cdb6a96", "lessThan": "05c9a7a5344425860202a8f3efea4d8ed2d10edb", "status": "affected", "versionType": "git"}, {"version": "10484c647af6b1952d1675e83be9cc976cdb6a96", "lessThan": "e69d2845aaa080960f38761f78fd25aa856620c6", "status": "affected", "versionType": "git"}, {"version": "10484c647af6b1952d1675e83be9cc976cdb6a96", "lessThan": "700852528fc5295897d6089eea0656d67f9b9d88", "status": "affected", "versionType": "git"}, {"version": "10484c647af6b1952d1675e83be9cc976cdb6a96", "lessThan": "475b5098043eef6e72751aadeab687992a5b63d1", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/crypto/intel/qat/qat_4xxx/adf_4xxx_hw_data.c"], "versions": [{"version": "6.5", "status": "affected"}, {"version": "0", "lessThan": "6.5", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.64", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.11.11", "lessThanOrEqual": "6.11.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.2", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.13", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.5", "versionEndExcluding": "6.6.64"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.5", "versionEndExcluding": "6.11.11"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.5", "versionEndExcluding": "6.12.2"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.5", "versionEndExcluding": "6.13"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/05c9a7a5344425860202a8f3efea4d8ed2d10edb"}, {"url": "https://git.kernel.org/stable/c/e69d2845aaa080960f38761f78fd25aa856620c6"}, {"url": "https://git.kernel.org/stable/c/700852528fc5295897d6089eea0656d67f9b9d88"}, {"url": "https://git.kernel.org/stable/c/475b5098043eef6e72751aadeab687992a5b63d1"}], "title": "crypto: qat/qat_4xxx - fix off by one in uof_get_name()", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-53162", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-10-01T20:09:19.466365Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read"}]}], "providerMetadata": {"shortName": "CISA-ADP", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "dateUpdated": "2025-10-01T15:36:23.137Z"}, "title": "CISA ADP Vulnrichment"}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "54B7846B-C7F0-4910-8749-C0C31DCDDFD7", "versionEndExcluding": "6.6.64", "versionStartIncluding": "6.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "21434379-192D-472F-9B54-D45E3650E893", "versionEndExcluding": "6.11.11", "versionStartIncluding": "6.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "D8882B1B-2ABC-4838-AC1D-DBDBB5764776", "versionEndExcluding": "6.12.2", "versionStartIncluding": "6.12", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat/qat_4xxx - fix off by one in uof_get_name()\n\nThe fw_objs[] array has \"num_objs\" elements so the > needs to be >= to\nprevent an out of bounds read."}, {"lang": "es", "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: crypto: qat/qat_4xxx - arreglado por uno en uof_get_name() La matriz fw_objs[] tiene elementos \"num_objs\", por lo que > debe ser >= para evitar un l\u00edmite leer."}], "id": "CVE-2024-53162", "lastModified": "2025-10-01T21:16:38.627", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.2, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-12-24T12:15:24.567", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/05c9a7a5344425860202a8f3efea4d8ed2d10edb"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/475b5098043eef6e72751aadeab687992a5b63d1"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/700852528fc5295897d6089eea0656d67f9b9d88"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e69d2845aaa080960f38761f78fd25aa856620c6"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-125"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"bugzilla": {"description": "kernel: crypto: qat/qat_4xxx - fix off by one in uof_get_name()", "id": "2333981", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333981"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.3", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", "status": "draft"}, "cwe": "CWE-125", "details": ["In the Linux kernel, the following vulnerability has been resolved:\ncrypto: qat/qat_4xxx - fix off by one in uof_get_name()\nThe fw_objs[] array has \"num_objs\" elements so the > needs to be >= to\nprevent an out of bounds read."], "mitigation": {"lang": "en:us", "value": "To mitigate this issue, prevent module qat_4xxx from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically."}, "name": "CVE-2024-53162", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-12-24T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-53162\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-53162\nhttps://lore.kernel.org/linux-cve-announce/2024122431-CVE-2024-53162-25cd@gregkh/T"], "statement": "Actual only for latest versions of Red Hat Enterprise Linux 9. The security impact is limited, because read out of bounds could happen only for specific cases when qat/qat_4xxx crypto accelerator being used.", "threat_severity": "Moderate"}