VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-e1yr-dcpp-a7f8

Essentials
Severities (11)
References (19)
Severity details (8)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-e1yr-dcpp-a7f8
Aliases	CVE-2024-56742
Summary	kernel: vfio/mlx5: Fix an unwind issue in mlx5vf_add_migration_pages()
Status	Published
Exploitability	0.5
Weighted Severity	5.5
Risk	2.8
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-401

Missing Release of Memory after Effective Lifetime

System	Score	Found at
cvssv3	6.1	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56742.json
epss	0.00018	https://api.first.org/data/v1/epss?cve=CVE-2024-56742
epss	0.00018	https://api.first.org/data/v1/epss?cve=CVE-2024-56742
epss	0.00018	https://api.first.org/data/v1/epss?cve=CVE-2024-56742
cvssv3.1	5.5	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1	3.3	https://git.kernel.org/stable/c/22e87bf3f77c18f5982c19ffe2732ef0c7a25f16
ssvc	Track	https://git.kernel.org/stable/c/22e87bf3f77c18f5982c19ffe2732ef0c7a25f16
cvssv3.1	3.3	https://git.kernel.org/stable/c/769fe4ce444b646b0bf6ac308de80686c730c7df
ssvc	Track	https://git.kernel.org/stable/c/769fe4ce444b646b0bf6ac308de80686c730c7df
cvssv3.1	3.3	https://git.kernel.org/stable/c/c44f1b2ddfa81c8d7f8e9b6bc76c427bc00e69d5
ssvc	Track	https://git.kernel.org/stable/c/c44f1b2ddfa81c8d7f8e9b6bc76c427bc00e69d5

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56742.json
		https://api.first.org/data/v1/epss?cve=CVE-2024-56742
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
22e87bf3f77c18f5982c19ffe2732ef0c7a25f16		https://git.kernel.org/stable/c/22e87bf3f77c18f5982c19ffe2732ef0c7a25f16
2334819		https://bugzilla.redhat.com/show_bug.cgi?id=2334819
769fe4ce444b646b0bf6ac308de80686c730c7df		https://git.kernel.org/stable/c/769fe4ce444b646b0bf6ac308de80686c730c7df
c44f1b2ddfa81c8d7f8e9b6bc76c427bc00e69d5		https://git.kernel.org/stable/c/c44f1b2ddfa81c8d7f8e9b6bc76c427bc00e69d5
USN-7276-1		https://usn.ubuntu.com/7276-1/
USN-7277-1		https://usn.ubuntu.com/7277-1/
USN-7310-1		https://usn.ubuntu.com/7310-1/
USN-7449-1		https://usn.ubuntu.com/7449-1/
USN-7449-2		https://usn.ubuntu.com/7449-2/
USN-7450-1		https://usn.ubuntu.com/7450-1/
USN-7451-1		https://usn.ubuntu.com/7451-1/
USN-7452-1		https://usn.ubuntu.com/7452-1/
USN-7453-1		https://usn.ubuntu.com/7453-1/
USN-7468-1		https://usn.ubuntu.com/7468-1/
USN-7523-1		https://usn.ubuntu.com/7523-1/
USN-7524-1		https://usn.ubuntu.com/7524-1/

No exploits are available.

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56742.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L Found at https://git.kernel.org/stable/c/22e87bf3f77c18f5982c19ffe2732ef0c7a25f16

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-17T20:10:22Z/ Found at https://git.kernel.org/stable/c/22e87bf3f77c18f5982c19ffe2732ef0c7a25f16

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L Found at https://git.kernel.org/stable/c/769fe4ce444b646b0bf6ac308de80686c730c7df

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-17T20:10:22Z/ Found at https://git.kernel.org/stable/c/769fe4ce444b646b0bf6ac308de80686c730c7df

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L Found at https://git.kernel.org/stable/c/c44f1b2ddfa81c8d7f8e9b6bc76c427bc00e69d5

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-17T20:10:22Z/ Found at https://git.kernel.org/stable/c/c44f1b2ddfa81c8d7f8e9b6bc76c427bc00e69d5

Exploit Prediction Scoring System (EPSS)

Percentile	0.05062
EPSS Score	0.00018
Published At	June 5, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-06-04T16:50:00.336341+00:00	RedHat Importer	Import	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56742.json	38.6.0