5.5

CVE-2024-57973

rdma/cxgb4: Prevent potential integer overflow on 32bit

In the Linux kernel, the following vulnerability has been resolved:

rdma/cxgb4: Prevent potential integer overflow on 32bit

The "gl->tot_len" variable is controlled by the user.  It comes from
process_responses().  On 32bit systems, the "gl->tot_len + sizeof(struct
cpl_pass_accept_req) + sizeof(struct rss_header)" addition could have an
integer wrapping bug.  Use size_add() to prevent this.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 3.8 < 6.1.129
LinuxLinux Kernel Version >= 6.2 < 6.6.76
LinuxLinux Kernel Version >= 6.7 < 6.12.13
LinuxLinux Kernel Version >= 6.13 < 6.13.2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.23% 0.136
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-190 Integer Overflow or Wraparound

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

https://git.kernel.org/stable/c/4422f452d028850b9cc4fd8f1cf45a8ff91855eb
Patch
https://git.kernel.org/stable/c/aeb814484387811b3579d5c78ad4eb301e3bf1c8
Patch
https://git.kernel.org/stable/c/bd96a3935e89486304461a21752f824fc25e0f0b
Patch
https://git.kernel.org/stable/c/dd352107f22bfbecbbf3b74bde14f3f932296309
Patch
https://git.kernel.org/stable/c/de8d88b68d0cfd41152a7a63d6aec0ed3e1b837a
Patch
https://git.kernel.org/stable/c/2b759f78b83221f4a1cae3aeb20b500e375f3ee6
https://git.kernel.org/stable/c/d64148a10a85952352de6091ceed99fb9ce2d3ee
https://git.kernel.org/stable/c/e53ca458f543aa352d09b484550de173cb9085c2
https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html
https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html