CVE-2024-49977

medium

Published 2025-05-13 · Modified 2026-05-12

CVSS v3

5.5

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

VIR risk

5.5

Description

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Fix zero-division error when disabling tc cbs The commit b8c43360f6e4 ("net: stmmac: No need to calculate speed divider when offload is disabled") allows the "port_transmit_rate_kbps" to be set to a value of 0, which is then passed to the "div_s64" function when tc-cbs is disabled. This leads to a zero-division error. When tc-cbs is disabled, the idleslope, sendslope, and credit values the credit values are not required to be configured. Therefore, adding a return statement after setting the txQ mode to DCB when tc-cbs is disabled would prevent a zero-division error.

Predictions

Exploit likelihood

55%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.

OS impact

OS	Version	Status	Fixed in
rhel	9	fixed
sles		affected
debian	bookworm	fixed	`6.1.115-1`
debian	bullseye	fixed	`5.10.234-1`
debian	forky	fixed	`6.11.4-1`
debian	sid	fixed	`6.11.4-1`
debian	trixie	fixed	`6.11.4-1`
linux-kernel		affected	`5.10.227`

References

CWEs

CWE-369

💬 Discuss CVE-2024-49977 on VIR Community →

Community-verified mitigations for this CVE will appear above when contributors publish them.

Verify integrity in audit chain (admin only). AS-IS.