Lucene search
LinuxVULNRICHMENT:CVE-2024-40919HistoryJul 12, 2024 - 12:25 p.m.
CVE-2024-40919 bnxt_en: Adjust logging of firmware messages in case of released token in __hwrm_send()
2024-07-1212:25:01
Linux
github.com
1
linux kernel
vulnerability resolved
firmware messages
token released
hwrm_err_code_pf_unavailable
firmware
null pointer dereference
In the Linux kernel, the following vulnerability has been resolved:
bnxt_en: Adjust logging of firmware messages in case of released token in __hwrm_send()
In case of token is released due to token->state == BNXT_HWRM_DEFERRED,
released token (set to NULL) is used in log messages. This issue is
expected to be prevented by HWRM_ERR_CODE_PF_UNAVAILABLE error code. But
this error code is returned by recent firmware. So some firmware may not
return it. This may lead to NULL pointer dereference.
Adjust this issue by adding token pointer check.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Related
redhatcve
redhatcve
CVE-2024-40919
2024-07-16 15:55:44
osv
osv
CVE-2024-40919
2024-07-12 13:15:00
linux - security update
2024-07-16 00:00:00
linux-nvidia, linux-nvidia-lowlatency vulnerabilities
2024-09-12 13:47:54
debiancve
debiancve
CVE-2024-40919
2024-07-12 13:15:14
nvd
nvd
CVE-2024-40919
2024-07-12 13:15:14
ubuntucve
ubuntucve
CVE-2024-40919
2024-07-12 00:00:00
cvelist
cvelist
cve
cve
CVE-2024-40919
2024-07-12 13:15:14
openvas
openvas
Debian: Security Advisory (DSA-5731-1)
2024-07-17 00:00:00
Ubuntu: Security Advisory (USN-7005-2)
2024-09-16 00:00:00
Ubuntu: Security Advisory (USN-7005-1)
2024-09-13 00:00:00
nessus
nessus
Debian dsa-5731 : affs-modules-6.1.0-21-4kc-malta-di - security update
2024-07-16 00:00:00
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2802-1)
2024-08-08 00:00:00
Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-7005-2)
2024-09-13 00:00:00
AI Score
6.9
Confidence
Low
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
Related for VULNRICHMENT:CVE-2024-40919