CVE-2024-56721

CVSS 3.1 Score 7.1 of 10 (high)

Details

Published Dec 29, 2024

Updated: Jan 9, 2025

CWE ID 125

Summary

CVE-2024-56721 is a vulnerability in the Linux kernel that affects x86/CPU/AMD systems. The issue lies in the erratum_1386_microcode array, which fails to terminate properly due to the lack of an empty entry at its end. Consequently, x86_match_cpu_with_stepping() function continues to iterate the array beyond its limits, posing a potential security risk. This vulnerability has been mitigated by adding an empty entry to the erratum_1386_microcode array to prevent unintended array access.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Linux Kernel

Affected Vendors

LINUX

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/1_648R
https://www.cve.org/CVERecord?id=CVE-2024-56721
https://nvd.nist.gov/vuln/detail/CVE-2024-56721

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Stimmen aus Moskau: Russian Influence Operations Target German Elections

2024 Malicious Infrastructure Report

2024 Annual Report

Know What Matters

For Customers

For Partners