5.5

CVE-2024-26744

RDMA/srpt: Support specifying the srpt_service_guid parameter

In the Linux kernel, the following vulnerability has been resolved:

RDMA/srpt: Support specifying the srpt_service_guid parameter

Make loading ib_srpt with this parameter set work. The current behavior is
that setting that parameter while loading the ib_srpt kernel module
triggers the following kernel crash:

BUG: kernel NULL pointer dereference, address: 0000000000000000
Call Trace:
 <TASK>
 parse_one+0x18c/0x1d0
 parse_args+0xe1/0x230
 load_module+0x8de/0xa60
 init_module_from_file+0x8b/0xd0
 idempotent_init_module+0x181/0x240
 __x64_sys_finit_module+0x5a/0xb0
 do_syscall_64+0x5f/0xe0
 entry_SYSCALL_64_after_hwframe+0x6e/0x76
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 3.3 < 4.19.308
LinuxLinux Kernel Version >= 4.20 < 5.10.211
LinuxLinux Kernel Version >= 5.11 < 5.15.150
LinuxLinux Kernel Version >= 5.16 < 6.1.80
LinuxLinux Kernel Version >= 6.2 < 6.6.19
LinuxLinux Kernel Version >= 6.7 < 6.7.7
LinuxLinux Kernel Version6.8 Updaterc1
LinuxLinux Kernel Version6.8 Updaterc2
LinuxLinux Kernel Version6.8 Updaterc3
LinuxLinux Kernel Version6.8 Updaterc4
LinuxLinux Kernel Version6.8 Updaterc5
DebianDebian Linux Version10.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.26% 0.165
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
Mailing List
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
Mailing List
https://git.kernel.org/stable/c/5a5c039dac1b1b7ba3e91c791f4421052bf79b82
Patch
https://git.kernel.org/stable/c/84f1dac960cfa210a3b7a7522e6c2320ae91932b
Patch
https://git.kernel.org/stable/c/989af2f29342a9a7c7515523d879b698ac8465f4
Patch
https://git.kernel.org/stable/c/aee4dcfe17219fe60f2821923adea98549060af8
Patch
https://git.kernel.org/stable/c/c99a827d3cff9f84e1cb997b7cc6386d107aa74d
Patch
https://git.kernel.org/stable/c/fdfa083549de5d50ebf7f6811f33757781e838c0
Patch
https://git.kernel.org/stable/c/fe2a73d57319feab4b3b175945671ce43492172f
Patch
https://git.kernel.org/stable/c/e0055d6461b36bfc25a9d2ab974eef78d36a6738