PT-2025-3661 · Linux+2 · Linux Kernel+2
Publicado
2024-12-04
·
Atualizado
2025-10-15
·
CVE-2024-57936
CVSS v3.1
5.5
Média
| Vetor | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
The issue concerns the RDMA/bnxt re component in the Linux kernel, where the maximum number of SGEs (Scatter-Gather Elements) for a Work Request is not properly handled. Specifically, Gen P7 supports up to 13 SGEs, but the WQE (Work Queue Entry) software structure can only hold 6. This discrepancy causes the stack to potentially send requests with up to 13 SGEs, leading to traffic failures and system crashes. The solution involves using the definition for the maximum SGEs supported for variable size, which will work for both static and variable WQEs.
Recommendations
Use the define for max SGE supported for variable size to resolve the issue. This will work for both static and variable WQEs.
Exploit
Correção
Buffer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Astra Linux
Linux Kernel
Suse