Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-btvu-afur-sfgz
Vulnerability ID VCID-btvu-afur-sfgz
Aliases CVE-2024-42139
Summary In the Linux kernel, the following vulnerability has been resolved: ice: Fix improper extts handling Extts events are disabled and enabled by the application ts2phc. However, in case where the driver is removed when the application is running, a specific extts event remains enabled and can cause a kernel crash. As a side effect, when the driver is reloaded and application is started again, remaining extts event for the channel from a previous run will keep firing and the message "extts on unexpected channel" might be printed to the user. To avoid that, extts events shall be disabled when PTP is released.
Status Published
Exploitability 0.5
Weighted Severity 4.0
Risk 2.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-476 NULL Pointer Dereference
System Score Found at
cvssv3 4.4 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-42139.json
epss 9e-05 https://api.first.org/data/v1/epss?cve=CVE-2024-42139
cvssv3.1 5.5 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
ssvc Track https://git.kernel.org/stable/c/00d3b4f54582d4e4a02cda5886bb336eeab268cc
ssvc Track https://git.kernel.org/stable/c/9f69b31ae9e25dec27ad31fbc64dd99af16ee3d3
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-42139.json
https://api.first.org/data/v1/epss?cve=CVE-2024-42139
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
00d3b4f54582d4e4a02cda5886bb336eeab268cc https://git.kernel.org/stable/c/00d3b4f54582d4e4a02cda5886bb336eeab268cc
2301504 https://bugzilla.redhat.com/show_bug.cgi?id=2301504
9f69b31ae9e25dec27ad31fbc64dd99af16ee3d3 https://git.kernel.org/stable/c/9f69b31ae9e25dec27ad31fbc64dd99af16ee3d3
RHSA-2024:7004 https://access.redhat.com/errata/RHSA-2024:7004
RHSA-2024:7005 https://access.redhat.com/errata/RHSA-2024:7005
No exploits are available.
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-42139.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:15:59Z/ Found at https://git.kernel.org/stable/c/00d3b4f54582d4e4a02cda5886bb336eeab268cc
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T16:15:59Z/ Found at https://git.kernel.org/stable/c/9f69b31ae9e25dec27ad31fbc64dd99af16ee3d3
Exploit Prediction Scoring System (EPSS)
Percentile 0.01037
EPSS Score 9e-05
Published At June 7, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-04T16:51:13.091392+00:00 Debian Importer Import https://security-tracker.debian.org/tracker/data/json 38.6.0