7.1

CVE-2024-38542

RDMA/mana_ib: boundary check before installing cq callbacks

In the Linux kernel, the following vulnerability has been resolved:

RDMA/mana_ib: boundary check before installing cq callbacks

Add a boundary check inside mana_ib_install_cq_cb to prevent index overflow.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 6.8.2 < 6.8.12
LinuxLinux Kernel Version >= 6.9 < 6.9.3
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.25% 0.156
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.1 1.8 5.2
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CWE-129 Improper Validation of Array Index

The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.

https://git.kernel.org/stable/c/168f6fbde0eabd71d1f4133df7d001a950b96977
Patch
https://git.kernel.org/stable/c/f12afddfb142587d786df9e3cc4862190d3e2ec8
Patch
https://git.kernel.org/stable/c/f79edef79b6a2161f4124112f9b0c46891bb0b74
Patch