Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistLinuxCVELIST:CVE-2024-44970
HistorySep 04, 2024 - 6:56 p.m.

CVE-2024-44970 net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink

2024-09-0418:56:46
Linux
www.cve.org
2
linux kernel
shampo
vulnerability
linked list
fix
wqe
wq.

EPSS

0

Percentile

16.3%

JSON

In the Linux kernel, the following vulnerability has been resolved:

net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink

When all the strides in a WQE have been consumed, the WQE is unlinked
from the WQ linked list (mlx5_wq_ll_pop()). For SHAMPO, it is possible
to receive CQEs with 0 consumed strides for the same WQE even after the
WQE is fully consumed and unlinked. This triggers an additional unlink
for the same wqe which corrupts the linked list.

Fix this scenario by accepting 0 sized consumed strides without
unlinking the WQE again.

CNA Affected

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/net/ethernet/mellanox/mlx5/core/en_rx.c"
    ],
    "versions": [
      {
        "version": "1da177e4c3f4",
        "lessThan": "7b379353e914",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1da177e4c3f4",
        "lessThan": "650e24748e1e",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1da177e4c3f4",
        "lessThan": "50d8009a0ac0",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1da177e4c3f4",
        "lessThan": "fba8334721e2",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/net/ethernet/mellanox/mlx5/core/en_rx.c"
    ],
    "versions": [
      {
        "version": "6.1.105",
        "lessThanOrEqual": "6.1.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.6.46",
        "lessThanOrEqual": "6.6.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.10.5",
        "lessThanOrEqual": "6.10.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.11",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Related

nvd 1
osv 1
cve 1
ubuntucve 1
vulnrichment 1
debiancve 1
redhatcve 1
nvd
nvd
CVE-2024-44970
2024-09-04 19:15:31
osv
osv
CVE-2024-44970
2024-09-04 19:15:31
cve
cve
CVE-2024-44970
2024-09-04 19:15:31
ubuntucve
ubuntucve
CVE-2024-44970
2024-09-05 00:00:00
vulnrichment
vulnrichment
CVE-2024-44970 net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink
2024-09-04 18:56:46
debiancve
debiancve
CVE-2024-44970
2024-09-04 19:15:31
redhatcve
redhatcve
CVE-2024-44970
2024-09-04 20:20:24

EPSS

0

Percentile

16.3%

JSON
Related for CVELIST:CVE-2024-44970
nvd1osv1cve1ubuntucve1vulnrichment1debiancve1redhatcve1