GHSA-h8r6-36w2-4qqx · Severity: medium — Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md,...
Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced Integer Overflow.
Conclusion & alert: CVE-2024-23307 is rated Low Risk (33.2/100): CVSS Medium severity, with low exploitation likelihood (EPSS 0.58%). Mandatory action: Monitor for updates and reassess as exploit intelligence or EPSS changes.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2026-06-15 | 0.10% | 0.58% | +0.48% |
| 2 | 2025-03-30 | 0.35% | 0.10% | -0.25% |
| 3 | 2025-03-29 | — | 0.35% | — |
Full EPSS history (5 records total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 4.4 | 3.1 | MEDIUM |
|
0.7 | 3.6 | [email protected] |
| 7.8 | 3.1 | HIGH |
|
1.8 | 5.9 | [email protected] |
GHSA-h8r6-36w2-4qqx · Severity: medium — Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md,...
| vendor | priority | summary | link |
|---|---|---|---|
debian
|
not yet assigned | CVE-2024-23307 not yet assigned priority: Debian including 1 source packages (linux), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 4, open 1. | https://security-tracker.debian.org/tracker/CVE-2024-23307 |
redhat
|
medium | — | https://access.redhat.com/security/cve/CVE-2024-23307 |
suse
|
high | CVE-2024-23307 severity important: SUSE including 702 source package names (15.5:kernel-default-devel-5.14.21-150500.55.62.2, 15.5:kernel-devel-5.14.21-150500.55.62.2, …), 1330 product×package rows across 246 product lines (Container bci/bci-sle15-kernel-module-devel, Container suse/sle-micro-rancher/5.2, … (246 product lines)): Fixed 1088, Known Affected 200, Known Not Affected 42. | https://www.suse.com/security/cve/CVE-2024-23307/ |
ubuntu
|
low | CVE-2024-23307 low priority: Ubuntu including 166 source packages (linux, linux-allwinner-5.19, …), 1752 status rows across 11 suites (bionic, focal, jammy, mantic, noble, oracular, plucky, questing, trusty, upstream, xenial): DNE 1320, released 208, ignored 146, not-affected 78. | https://ubuntu.com/security/CVE-2024-23307 |
| Vendor | Product | Version | Raw CPE |
|---|---|---|---|
| linux | linux_kernel | >= 4.1, < 6.1.84 | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| linux | linux_kernel | >= 6.2, < 6.6.24 | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| linux | linux_kernel | >= 6.7, < 6.7.12 | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| linux | linux_kernel | >= 6.8, < 6.8.3 | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| URL | Tags |
|---|---|
| https://bugzilla.openanolis.cn/show_bug.cgi?id=7975 | Issue Tracking Permissions Required |
| https://cert-portal.siemens.com/productcert/html/ssa-265688.html |