CVE-2024-44933

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A memory out-of-bounds issue has been resolved in the Linux kernel, specifically in the bnxt en module. The issue arises from a recent commit that modified the code in bnxt reserve rings() to set the default RSS indirection table to default only when the number of RX rings is changing. This change causes a regression on older firmware that does not require RX ring reservations. The comparison if (old rx rings != bp->hw resc.resv rx rings) in bnxt reserve rings() may be false even when the RX rings are changing, leading to bnxt reserve rings() skipping the setting of the default RSS indirection table. This may later cause bnxt fill hw rss tbl() to use an out-of-range index. The fix involves moving bnxt check rss tbl no rmgr() up in bnxt need reserve rings() to be called unconditionally when using older firmware.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.