CVE-2024-26586

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to a stack corruption vulnerability in the Linux kernel, specifically in the mlxsw sp acl tcam module. This vulnerability can occur when more than 16 ACLs are required in a group, causing a kernel panic due to stack corruption. The vulnerability is fixed by limiting the maximum ACL group size to the minimum between what the firmware reports and the maximum ACLs that fit in the PAGT register. A test case has been added to ensure the machine does not crash when this condition is hit.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.