PT-2024-7307 · Linux+6 · Linux Kernel+6

Mats Kronberg

·

Published

2024-02-04

·

Updated

2026-02-02

·

CVE-2024-26766

CVSS v2.0

6.8

Medium

VectorAV:L/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)
Description: The vulnerability is related to an off-by-one error in the IB/hfi1 component of the Linux kernel, which can cause the descs array to overflow. This results in crashes that can be easily reproduced by the sendmsg system call. The issue is caused by an incorrect commit that introduced another error, leading to further crashes. The fix involves using the correct expression in pad sdma tx descs() to test the need to expand the descriptor array.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-193

Related Identifiers

ALSA-2026:1661
ALSA-2026:1662
BDU:2024-08661
CVE-2024-26766
DLA-3840-1
DLA-3842-1
DSA-5658-1
DSA-5681-1
OESA-2024-1566
OPENSUSE-SU-2024_1490-1
OPENSUSE-SU-2024_1641-1
OPENSUSE-SU-2024_1644-1
OPENSUSE-SU-2024_1659-1
OPENSUSE-SU-2024_1663-1
OPENSUSE-SU-2024_3631-1
OPENSUSE-SU-2024_3694-1
OPENSUSE-SU-2024_3695-1
OPENSUSE-SU-2024_3696-1
OPENSUSE-SU-2024_3793-1
OPENSUSE-SU-2024_3815-1
OPENSUSE-SU-2024_3829-1
OPENSUSE-SU-2024_3851-1
OPENSUSE-SU-2024_3852-1
OPENSUSE-SU-2024_4122-1
OPENSUSE-SU-2024_4218-1
OPENSUSE-SU-2024_4234-1
OPENSUSE-SU-2024_4235-1
OPENSUSE-SU-2024_4266-1
OPENSUSE-SU-2025_0107-1
OPENSUSE-SU-2025_0109-1
OPENSUSE-SU-2025_0150-1
OPENSUSE-SU-2025_0158-1
OPENSUSE-SU-2025_0248-1
OPENSUSE-SU-2025_0251-1
OPENSUSE-SU-2025_0261-1
OPENSUSE-SU-2025_0266-1
RHSA-2026:1661
RHSA-2026:1662
SUSE-SU-2024:1490-1
SUSE-SU-2024:1641-1
SUSE-SU-2024:1644-1
SUSE-SU-2024:1647-1
SUSE-SU-2024:1659-1
SUSE-SU-2024:1663-1
SUSE-SU-2024:1677-1
SUSE-SU-2024:1679-1
SUSE-SU-2024:1680-1
SUSE-SU-2024:1682-1
SUSE-SU-2024:1685-1
SUSE-SU-2024:1695-1
SUSE-SU-2024:1705-1
SUSE-SU-2024:1711-1
SUSE-SU-2024:1726-1
SUSE-SU-2024:1739-1
SUSE-SU-2024:1740-1
SUSE-SU-2024:1748-1
SUSE-SU-2024:1749-1
SUSE-SU-2024:1750-1
SUSE-SU-2024:1753-1
SUSE-SU-2024:1757-1
SUSE-SU-2024:1759-1
SUSE-SU-2024:2092-1
SUSE-SU-2024:2162-1
SUSE-SU-2024:2163-1
SUSE-SU-2024:2191-1
SUSE-SU-2024:2207-1
SUSE-SU-2024:2337-1
SUSE-SU-2024:2446-1
SUSE-SU-2024:2447-1
SUSE-SU-2024:2448-1
SUSE-SU-2024:2722-1
SUSE-SU-2024:2824-1
SUSE-SU-2024:2825-1
SUSE-SU-2024:2840-1
SUSE-SU-2024:2850-1
SUSE-SU-2024:3368-1
SUSE-SU-2024:3375-1
SUSE-SU-2024:3379-1
SUSE-SU-2024:3399-1
SUSE-SU-2024:3631-1
SUSE-SU-2024:3694-1
SUSE-SU-2024:3695-1
SUSE-SU-2024:3696-1
SUSE-SU-2024:3793-1
SUSE-SU-2024:3815-1
SUSE-SU-2024:3829-1
SUSE-SU-2024:3851-1
SUSE-SU-2024:3852-1
SUSE-SU-2024:4122-1
SUSE-SU-2024:4218-1
SUSE-SU-2024:4234-1
SUSE-SU-2024:4235-1
SUSE-SU-2024:4266-1
SUSE-SU-2025:0107-1
SUSE-SU-2025:0109-1
SUSE-SU-2025:0150-1
SUSE-SU-2025:0158-1
SUSE-SU-2025:0248-1
SUSE-SU-2025:0251-1
SUSE-SU-2025:0261-1
SUSE-SU-2025:0266-1
USN-6820-1
USN-6820-2
USN-6821-1
USN-6821-2
USN-6821-3
USN-6821-4
USN-6828-1
USN-6831-1
USN-6867-1
USN-6871-1
USN-6892-1
USN-6919-1

Affected Products

Astra Linux
Linuxmint
Linux Kernel
Red Os
Rocky Linux
Suse
Ubuntu