PT-2024-9006 · Linux+9 · Linux Kernel+9
Guangwu Zhang · Published 2024-05-30 · Updated 2025-09-29
CVE-2024-36919
CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions:
Linux kernel versions prior to 6.6.37
Description:
A vulnerability in the bnx2fc component of the Linux kernel has been resolved. The issue arises from the improper use of spin_lock_bh when releasing resources after an upload, which can lead to a kernel bug and potentially cause a system crash. Because offload and upload calls are sequential, the lock is unnecessary. This vulnerability can be exploited to cause a denial of service.
Recommendations:
To resolve this issue, update the Linux kernel to version 6.6.37 or later. This update removes the unnecessary spin_lock_bh, preventing the kernel bug and potential system crash. Ensure that all affected systems are updated to this version or later to mitigate the risk of exploitation.
Exploit
Fix
DoS
Improper Locking
Affected Products
AlmaLinux
Astra Linux
CentOS
Linux Mint
Linux Kernel
Red Hat
RED OS
Rocky Linux
SUSE
Ubuntu