Lucene search
LinuxCVE-2024-40919HistoryJul 12, 2024 - 1:15 p.m.
CVE-2024-40919
2024-07-1213:15:14
Linux
web.nvd.nist.gov
31
linux kernel
bnxt_en
firmware message
logging
vulnerability
cve-2024-40919
In the Linux kernel, the following vulnerability has been resolved:
bnxt_en: Adjust logging of firmware messages in case of released token in __hwrm_send()
In case of token is released due to token->state == BNXT_HWRM_DEFERRED,
released token (set to NULL) is used in log messages. This issue is
expected to be prevented by HWRM_ERR_CODE_PF_UNAVAILABLE error code. But
this error code is returned by recent firmware. So some firmware may not
return it. This may lead to NULL pointer dereference.
Adjust this issue by adding token pointer check.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Affected configurations
Node
linuxlinux_kernelRange5.17–6.1.95
ORlinuxlinux_kernelRange6.2.0–6.6.35
ORlinuxlinux_kernelRange6.7.0–6.9.6
ORlinuxlinux_kernelRange6.10.0≥
| Vendor | Product | Version | CPE |
|---|---|---|---|
| linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "unaffected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"drivers/net/ethernet/broadcom/bnxt/bnxt_hwrm.c"
],
"versions": [
{
"version": "8fa4219dba8e",
"lessThan": "cde177fa235c",
"status": "affected",
"versionType": "git"
},
{
"version": "8fa4219dba8e",
"lessThan": "ca6660c95624",
"status": "affected",
"versionType": "git"
},
{
"version": "8fa4219dba8e",
"lessThan": "8b65eaeae88d",
"status": "affected",
"versionType": "git"
},
{
"version": "8fa4219dba8e",
"lessThan": "a9b9741854a9",
"status": "affected",
"versionType": "git"
}
]
},
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "affected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"drivers/net/ethernet/broadcom/bnxt/bnxt_hwrm.c"
],
"versions": [
{
"version": "5.17",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.17",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.95",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.35",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.6",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
]
}
]Related
redhatcve
redhatcve
CVE-2024-40919
2024-07-16 15:55:44
osv
osv
CVE-2024-40919
2024-07-12 13:15:00
linux - security update
2024-07-16 00:00:00
linux-nvidia-6.8 vulnerabilities
2024-09-13 11:22:12
debiancve
debiancve
CVE-2024-40919
2024-07-12 13:15:14
vulnrichment
vulnrichment
cvelist
cvelist
nvd
nvd
CVE-2024-40919
2024-07-12 13:15:14
ubuntucve
ubuntucve
CVE-2024-40919
2024-07-12 00:00:00
nessus
nessus
Debian dsa-5731 : affs-modules-6.1.0-21-4kc-malta-di - security update
2024-07-16 00:00:00
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2802-1)
2024-08-08 00:00:00
Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-7005-2)
2024-09-13 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-5731-1)
2024-07-17 00:00:00
Ubuntu: Security Advisory (USN-7004-1)
2024-09-13 00:00:00
Ubuntu: Security Advisory (USN-6999-1)
2024-09-12 00:00:00