Ubuntu.comUB:CVE-2024-38544CVE-2024-38544
In the Linux kernel, the following vulnerability has been resolved:
RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt
In rxe_comp_queue_pkt() an incoming response packet skb is enqueued to the
resp_pkts queue and then a decision is made whether to run the completer
task inline or schedule it. Finally the skb is dereferenced to bump a ‘hw’
performance counter. This is wrong because if the completer task is
already running in a separate thread it may have already processed the skb
and freed it which can cause a seg fault. This has been observed
infrequently in testing at high scale.
This patch fixes this by changing the order of enqueuing the packet until
after the counter is accessed.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 18.04 | noarch | linux | < any | UNKNOWN |
| ubuntu | 20.04 | noarch | linux | < any | UNKNOWN |
| ubuntu | 22.04 | noarch | linux | < any | UNKNOWN |
| ubuntu | 23.10 | noarch | linux | < any | UNKNOWN |
| ubuntu | 24.04 | noarch | linux | < any | UNKNOWN |
| ubuntu | 14.04 | noarch | linux | < any | UNKNOWN |
| ubuntu | 16.04 | noarch | linux | < any | UNKNOWN |
| ubuntu | 18.04 | noarch | linux-aws | < any | UNKNOWN |
| ubuntu | 20.04 | noarch | linux-aws | < any | UNKNOWN |
| ubuntu | 22.04 | noarch | linux-aws | < any | UNKNOWN |
References
git.kernel.org/linus/2b23b6097303ed0ba5f4bc036a1c07b6027af5c6 (6.10-rc1)
git.kernel.org/stable/c/21b4c6d4d89030fd4657a8e7c8110fd941049794
git.kernel.org/stable/c/2b23b6097303ed0ba5f4bc036a1c07b6027af5c6
git.kernel.org/stable/c/30df4bef8b8e183333e9b6e9d4509d552c7da6eb
git.kernel.org/stable/c/bbad88f111a1829f366c189aa48e7e58e57553fc
git.kernel.org/stable/c/faa8d0ecf6c9c7c2ace3ca3e552180ada6f75e19
launchpad.net/bugs/cve/CVE-2024-38544
nvd.nist.gov/vuln/detail/CVE-2024-38544
security-tracker.debian.org/tracker/CVE-2024-38544
www.cve.org/CVERecord?id=CVE-2024-38544
Related
