PT-2024-3394 · Linux+10 · Linux Kernel+10
Published
2024-01-31
·
Updated
2025-10-01
·
CVE-2024-26907
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
Linux kernel versions prior to 6.2.0-32-generic #32~22.04.1-Ubuntu
Description:
The vulnerability is related to a field-spanning write in the
mlx5 ib post send function, which can lead to a potential buffer overflow. This issue is associated with the RDMA/mlx5 driver in the Linux kernel. The vulnerability may allow an attacker to impact the confidentiality, integrity, and availability of protected information.Recommendations:
To resolve this issue, update the Linux kernel to a version that includes the fix for the RDMA/mlx5 vulnerability. Specifically, update to a version later than 6.2.0-32-generic #32~22.04.1-Ubuntu.
Note: The provided information does not specify the exact fixed version, so it is recommended to update to the latest available version of the Linux kernel to ensure the vulnerability is resolved.
Exploit
Fix
Memory Corruption
Use After Free
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu