In the Linux kernel, the following vulnerability has been resolved:
rdma/cxgb4: Prevent potential integer overflow on 32bit
The "gl->tot_len" variable is controlled by the user. It comes from
process_responses(). On 32bit systems, the "gl->tot_len + sizeof(struct
cpl_pass_accept_req) + sizeof(struct rss_header)" addition could have an
integer wrapping bug. Use size_add() to prevent this.
CVE ID: CVE-2024-57973
Vendor: Linux, Linux
Product: Linux, Linux
EPSS Score: 0.02% (probability of being exploited)
EPSS Percentile: 1.76% (scored less or equal to compared to others)
EPSS Date: 2025-03-27 (when was this score calculated)