[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-DEBIAN-CVE-2024-46679":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T14:53:31.930Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":16,"duplicates":23,"related":24,"reserved_at":9,"published_at":25,"modified_at":26,"state":9,"summary":27,"references_raw":29,"kevs":36,"epss":9,"epss_history":37,"metrics":38,"affected":45},"DEBIAN-CVE-2024-46679","In the Linux kernel, the following vulnerability has been resolved:  ethtool: check device is present when getting link settings  A sysfs reader can race with a device reset or removal, attempting to read device state when the device is not actually present. eg:       [exception RIP: qed_get_current_link+17]   #8 [ffffb9e4f2907c48] qede_get_link_ksettings at ffffffffc07a994a [qede]   #9 [ffffb9e4f2907cd8] __rh_call_get_link_ksettings at ffffffff992b01a3  #10 [ffffb9e4f2907d38] __ethtool_get_link_ksettings at ffffffff992b04e4  #11 [ffffb9e4f2907d90] duplex_show at ffffffff99260300  #12 [ffffb9e4f2907e38] dev_attr_show at ffffffff9905a01c  #13 [ffffb9e4f2907e50] sysfs_kf_seq_show at ffffffff98e0145b  #14 [ffffb9e4f2907e68] seq_read at ffffffff98d902e3  #15 [ffffb9e4f2907ec8] vfs_read at ffffffff98d657d1  #16 [ffffb9e4f2907f00] ksys_read at ffffffff98d65c3f  #17 [ffffb9e4f2907f38] do_syscall_64 at ffffffff98a052fb   crash> struct net_device.state ffff9a9d21336000     state = 5,  state 5 is __LINK_STATE_START (0b1) and __LINK_STATE_NOCARRIER (0b100). The device is not present, note lack of __LINK_STATE_PRESENT (0b10).  This is the same sort of panic as observed in commit 4224cfd7fb65 (\"net-sysfs: add check for netdevice being present to speed_show\").  There are many other callers of __ethtool_get_link_ksettings() which don't have a device presence check.  Move this check into ethtool to protect all callers.",null,[],[],[],[14],{"_key":15},"CVE-2024-46679",[17,19,21],{"_key":18},"DLA-3912-1",{"_key":20},"DLA-4008-1",{"_key":22},"DSA-5782-1",[],[],"2024-09-13T06:15:12.530Z","2026-04-28T20:28:34.456084Z",{"cisa_kev":28,"cisa_ransomware":28,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[30],{"url":31,"sources":32,"tags":34},"https://security-tracker.debian.org/tracker/CVE-2024-46679",[33],"osv_debian",[35],"Advisory",[],[],[39],{"source":33,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":40,"cvss_v4_0":9},{"baseScore":41,"baseSeverity":9,"vectorString":42,"impactScore":43,"exploitabilityScore":44},4.7,"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",6,2.6,[46,65],{"ecosystem":47,"name":48,"vendor":49,"product":48,"cpe_part":9,"purl_type":50,"purl_namespace":49,"purl_name":48,"source":9,"versions":51},"Debian","linux","debian","deb",[52,58,61,64],{"version":53,"is_range":54,"range_type":55,"version_start":9,"version_start_type":9,"version_end":56,"version_end_type":57,"fixed_in":9},"lt5_10_226_1",true,"ecosystem","5.10.226-1","excluding",{"version":59,"is_range":54,"range_type":55,"version_start":9,"version_start_type":9,"version_end":60,"version_end_type":57,"fixed_in":9},"lt6_1_112_1","6.1.112-1",{"version":62,"is_range":54,"range_type":55,"version_start":9,"version_start_type":9,"version_end":63,"version_end_type":57,"fixed_in":9},"lt6_10_9_1","6.10.9-1",{"version":62,"is_range":54,"range_type":55,"version_start":9,"version_start_type":9,"version_end":63,"version_end_type":57,"fixed_in":9},{"ecosystem":47,"name":66,"vendor":49,"product":66,"cpe_part":9,"purl_type":50,"purl_namespace":49,"purl_name":66,"source":9,"versions":67},"linux-6.1",[68],{"version":69,"is_range":54,"range_type":55,"version_start":9,"version_start_type":9,"version_end":70,"version_end_type":57,"fixed_in":9},"lt6_1_119_1~deb11u1","6.1.119-1~deb11u1"]