Lucene search
LinuxCVELIST:CVE-2024-40940HistoryJul 12, 2024 - 12:25 p.m.
CVE-2024-40940 net/mlx5: Fix tainted pointer delete is case of flow rules creation fail
2024-07-1212:25:15
Linux
www.cve.org
5
linux kernel
net/mlx5
flow rules
creation
failure
pointer delete
bug fix
svace
EPSS
0
Percentile
15.9%
In the Linux kernel, the following vulnerability has been resolved:
net/mlx5: Fix tainted pointer delete is case of flow rules creation fail
In case of flow rule creation fail in mlx5_lag_create_port_sel_table(),
instead of previously created rules, the tainted pointer is deleted
deveral times.
Fix this bug by using correct flow rules pointers.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
CNA Affected
[
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "unaffected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"drivers/net/ethernet/mellanox/mlx5/core/lag/port_sel.c"
],
"versions": [
{
"version": "352899f384d4",
"lessThan": "531eab2da27d",
"status": "affected",
"versionType": "git"
},
{
"version": "352899f384d4",
"lessThan": "d857df86837a",
"status": "affected",
"versionType": "git"
},
{
"version": "352899f384d4",
"lessThan": "a03a3fa12769",
"status": "affected",
"versionType": "git"
},
{
"version": "352899f384d4",
"lessThan": "229bedbf62b1",
"status": "affected",
"versionType": "git"
}
]
},
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "affected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"drivers/net/ethernet/mellanox/mlx5/core/lag/port_sel.c"
],
"versions": [
{
"version": "5.19",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.19",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.95",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.35",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.6",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
]
}
]Related
osv
osv
CVE-2024-40940
2024-07-12 13:15:00
linux - security update
2024-07-16 00:00:00
linux-nvidia, linux-nvidia-lowlatency vulnerabilities
2024-09-12 13:47:54
ubuntucve
ubuntucve
CVE-2024-40940
2024-07-12 00:00:00
debiancve
debiancve
CVE-2024-40940
2024-07-12 13:15:16
redhatcve
redhatcve
CVE-2024-40940
2024-07-16 16:26:15
cve
cve
CVE-2024-40940
2024-07-12 13:15:16
vulnrichment
vulnrichment
nvd
nvd
CVE-2024-40940
2024-07-12 13:15:16
openvas
openvas
Debian: Security Advisory (DSA-5731-1)
2024-07-17 00:00:00
Ubuntu: Security Advisory (USN-7005-2)
2024-09-16 00:00:00
Ubuntu: Security Advisory (USN-7005-1)
2024-09-13 00:00:00
nessus
nessus
Debian dsa-5731 : affs-modules-6.1.0-21-4kc-malta-di - security update
2024-07-16 00:00:00
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2802-1)
2024-08-08 00:00:00
Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-7005-2)
2024-09-13 00:00:00