Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveLinuxCVE-2024-41082
HistoryJul 29, 2024 - 3:15 p.m.

CVE-2024-41082

2024-07-2915:15:15
Linux
web.nvd.nist.gov
30
linux kernel
nvme-fabrics
vulnerability

AI Score

6.8

Confidence

High

EPSS

0

Percentile

9.4%

JSON

In the Linux kernel, the following vulnerability has been resolved:

nvme-fabrics: use reserved tag for reg read/write command

In some scenarios, if too many commands are issued by nvme command in
the same time by user tasks, this may exhaust all tags of admin_q. If
a reset (nvme reset or IO timeout) occurs before these commands finish,
reconnect routine may fail to update nvme regs due to insufficient tags,
which will cause kernel hang forever. In order to workaround this issue,
maybe we can let reg_read32()/reg_read64()/reg_write32() use reserved
tags. This maybe safe for nvmf:

  1. For the disable ctrl path, we will not issue connect command
  2. For the enable ctrl / fw activate path, since connect and reg_xx()
    are called serially.

So the reserved tags may still be enough while reg_xx() use reserved tags.

Affected configurations

Vulners
Node
linuxlinux_kernelRange6.9.06.9.11
OR
linuxlinux_kernelRange6.10.0
VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

CNA Affected

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/nvme/host/fabrics.c"
    ],
    "versions": [
      {
        "version": "1da177e4c3f4",
        "lessThan": "165da9c67a26",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1da177e4c3f4",
        "lessThan": "7dc3bfcb4c9c",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/nvme/host/fabrics.c"
    ],
    "versions": [
      {
        "version": "6.9.11",
        "lessThanOrEqual": "6.9.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.10",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Related

vulnrichment 1
osv 1
cvelist 1
nvd 1
redhatcve 1
debiancve 1
vulnrichment
vulnrichment
CVE-2024-41082 nvme-fabrics: use reserved tag for reg read/write command
2024-07-29 15:04:19
osv
osv
CVE-2024-41082
2024-07-29 15:15:15
cvelist
cvelist
CVE-2024-41082 nvme-fabrics: use reserved tag for reg read/write command
2024-07-29 15:04:19
nvd
nvd
CVE-2024-41082
2024-07-29 15:15:15
redhatcve
redhatcve
CVE-2024-41082
2024-07-31 09:15:30
debiancve
debiancve
CVE-2024-41082
2024-07-29 15:15:15

AI Score

6.8

Confidence

High

EPSS

0

Percentile

9.4%

JSON
Related for CVE-2024-41082
vulnrichment1osv1cvelist1nvd1redhatcve1debiancve1