CVE-2024-56660

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.74

Description The issue concerns a potential error pointer dereference in the Linux kernel, specifically in the net/mlx5: DR component. The dr domain add vport cap() function generally returns NULL on error but sometimes returns ERR PTR(-EBUSY) to allow the caller to retry. However, if the return value is -ENOMEM, the error pointer is propagated back and eventually dereferenced in dr ste v0 build src gvmi qpn tag(). This could lead to a potential error.

Recommendations For Linux kernel versions prior to 6.6.74, update to version 6.6.74 or later to resolve the issue. As a temporary workaround, consider restricting access to the dr domain add vport cap() function until a patch is available. Additionally, avoid using the ret variable in the affected dr ste v0 build src gvmi qpn tag() function until the issue is resolved.