VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-qkeu-rz4s-53a1

Essentials
Severities (13)
References (21)
Severity details (10)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-qkeu-rz4s-53a1
Aliases	CVE-2024-57982
Summary	kernel: xfrm: state: fix out-of-bounds read during lookup
Status	Published
Exploitability	0.5
Weighted Severity	6.4
Risk	3.2
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-125

Out-of-bounds Read

System	Score	Found at
cvssv3	7.1	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-57982.json
epss	0.0001	https://api.first.org/data/v1/epss?cve=CVE-2024-57982
epss	0.0001	https://api.first.org/data/v1/epss?cve=CVE-2024-57982
epss	0.0001	https://api.first.org/data/v1/epss?cve=CVE-2024-57982
cvssv3.1	5.5	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1	7.1	https://git.kernel.org/stable/c/a16871c7832ea6435abb6e0b58289ae7dcb7e4fc
ssvc	Track	https://git.kernel.org/stable/c/a16871c7832ea6435abb6e0b58289ae7dcb7e4fc
cvssv3.1	7.1	https://git.kernel.org/stable/c/b86dc510308d7a8955f3f47a4fea4bef887653e4
ssvc	Track	https://git.kernel.org/stable/c/b86dc510308d7a8955f3f47a4fea4bef887653e4
cvssv3.1	7.1	https://git.kernel.org/stable/c/dd4c2a174994238d55ab54da2545543d36f4e0d0
ssvc	Track	https://git.kernel.org/stable/c/dd4c2a174994238d55ab54da2545543d36f4e0d0
cvssv3.1	7.1	https://git.kernel.org/stable/c/e952837f3ddb0ff726d5b582aa1aad9aa38d024d
ssvc	Track	https://git.kernel.org/stable/c/e952837f3ddb0ff726d5b582aa1aad9aa38d024d

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-57982.json
		https://api.first.org/data/v1/epss?cve=CVE-2024-57982
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-57982
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2348640		https://bugzilla.redhat.com/show_bug.cgi?id=2348640
a16871c7832ea6435abb6e0b58289ae7dcb7e4fc		https://git.kernel.org/stable/c/a16871c7832ea6435abb6e0b58289ae7dcb7e4fc
b86dc510308d7a8955f3f47a4fea4bef887653e4		https://git.kernel.org/stable/c/b86dc510308d7a8955f3f47a4fea4bef887653e4
dd4c2a174994238d55ab54da2545543d36f4e0d0		https://git.kernel.org/stable/c/dd4c2a174994238d55ab54da2545543d36f4e0d0
e952837f3ddb0ff726d5b582aa1aad9aa38d024d		https://git.kernel.org/stable/c/e952837f3ddb0ff726d5b582aa1aad9aa38d024d
USN-7521-1		https://usn.ubuntu.com/7521-1/
USN-7521-2		https://usn.ubuntu.com/7521-2/
USN-7521-3		https://usn.ubuntu.com/7521-3/
USN-7651-1		https://usn.ubuntu.com/7651-1/
USN-7651-2		https://usn.ubuntu.com/7651-2/
USN-7651-3		https://usn.ubuntu.com/7651-3/
USN-7651-4		https://usn.ubuntu.com/7651-4/
USN-7651-5		https://usn.ubuntu.com/7651-5/
USN-7651-6		https://usn.ubuntu.com/7651-6/
USN-7652-1		https://usn.ubuntu.com/7652-1/
USN-7653-1		https://usn.ubuntu.com/7653-1/
USN-7737-1		https://usn.ubuntu.com/7737-1/

No exploits are available.

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-57982.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H Found at https://git.kernel.org/stable/c/a16871c7832ea6435abb6e0b58289ae7dcb7e4fc

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:31:46Z/ Found at https://git.kernel.org/stable/c/a16871c7832ea6435abb6e0b58289ae7dcb7e4fc

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H Found at https://git.kernel.org/stable/c/b86dc510308d7a8955f3f47a4fea4bef887653e4

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:31:46Z/ Found at https://git.kernel.org/stable/c/b86dc510308d7a8955f3f47a4fea4bef887653e4

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H Found at https://git.kernel.org/stable/c/dd4c2a174994238d55ab54da2545543d36f4e0d0

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:31:46Z/ Found at https://git.kernel.org/stable/c/dd4c2a174994238d55ab54da2545543d36f4e0d0

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H Found at https://git.kernel.org/stable/c/e952837f3ddb0ff726d5b582aa1aad9aa38d024d

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:31:46Z/ Found at https://git.kernel.org/stable/c/e952837f3ddb0ff726d5b582aa1aad9aa38d024d

Exploit Prediction Scoring System (EPSS)

Percentile	0.01234
EPSS Score	0.0001
Published At	June 5, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-06-04T16:48:10.890557+00:00	RedHat Importer	Import	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-57982.json	38.6.0