CVE-2024-38539

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-38539
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-38539.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-38539
Downstream
Related
Published
2024-06-19T13:35:14Z
Modified
2025-10-17T07:00:41.309309Z
Summary
RDMA/cma: Fix kmemleak in rdma_core observed during blktests nvme/rdma use siw
Details

In the Linux kernel, the following vulnerability has been resolved:

RDMA/cma: Fix kmemleak in rdma_core observed during blktests nvme/rdma use siw

When running blktests nvme/rdma, the following kmemleak issue will appear.

kmemleak: Kernel memory leak detector initialized (mempool available:36041) kmemleak: Automatic memory scanning thread started kmemleak: 2 new suspected memory leaks (see /sys/kernel/debug/kmemleak) kmemleak: 8 new suspected memory leaks (see /sys/kernel/debug/kmemleak) kmemleak: 17 new suspected memory leaks (see /sys/kernel/debug/kmemleak) kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak)

unreferenced object 0xffff88855da53400 (size 192): comm "rdma", pid 10630, jiffies 4296575922 hex dump (first 32 bytes): 37 00 00 00 00 00 00 00 c0 ff ff ff 1f 00 00 00 7............... 10 34 a5 5d 85 88 ff ff 10 34 a5 5d 85 88 ff ff .4.].....4.].... backtrace (crc 47f66721): [<ffffffff911251bd>] kmalloctrace+0x30d/0x3b0 [<ffffffffc2640ff7>] allocgidentry+0x47/0x380 [ibcore] [<ffffffffc2642206>] addmodifygid+0x166/0x930 [ibcore] [<ffffffffc2643468>] ibcacheupdate.part.0+0x6d8/0x910 [ibcore] [<ffffffffc2644e1a>] ibcachesetupone+0x24a/0x350 [ibcore] [<ffffffffc263949e>] ibregisterdevice+0x9e/0x3a0 [ibcore] [<ffffffffc2a3d389>] 0xffffffffc2a3d389 [<ffffffffc2688cd8>] nldevnewlink+0x2b8/0x520 [ibcore] [<ffffffffc2645fe3>] rdmanlrcvmsg+0x2c3/0x520 [ibcore] [<ffffffffc264648c>] rdmanlrcvskb.constprop.0.isra.0+0x23c/0x3a0 [ibcore] [<ffffffff9270e7b5>] netlinkunicast+0x445/0x710 [<ffffffff9270f1f1>] netlinksendmsg+0x761/0xc40 [<ffffffff9249db29>] _syssendto+0x3a9/0x420 [<ffffffff9249dc8c>] _x64syssendto+0xdc/0x1b0 [<ffffffff92db0ad3>] dosyscall64+0x93/0x180 [<ffffffff92e00126>] entrySYSCALL64afterhwframe+0x71/0x79

The root cause: rdmaputgidattr is not called when sgidattr is set to ERR_PTR(-ENODEV).

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
f8ef1be816bf9a0c406c696368c2264a9597a994
Fixed
3eb127dc408bf7959a4920d04d16ce10e863686a
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
f8ef1be816bf9a0c406c696368c2264a9597a994
Fixed
6564fc1818404254d1c9f7d75b403b4941516d26
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
f8ef1be816bf9a0c406c696368c2264a9597a994
Fixed
b3a7fb93afd888793ef226e9665fbda98a95c48e
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
f8ef1be816bf9a0c406c696368c2264a9597a994
Fixed
9c0731832d3b7420cbadba6a7f334363bc8dfb15

Affected versions

v6.*

v6.5
v6.5-rc2
v6.5-rc3
v6.5-rc4
v6.5-rc5
v6.5-rc6
v6.5-rc7
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.6.1
v6.6.10
v6.6.11
v6.6.12
v6.6.13
v6.6.14
v6.6.15
v6.6.16
v6.6.17
v6.6.18
v6.6.19
v6.6.2
v6.6.20
v6.6.21
v6.6.22
v6.6.23
v6.6.24
v6.6.25
v6.6.26
v6.6.27
v6.6.28
v6.6.29
v6.6.3
v6.6.30
v6.6.31
v6.6.32
v6.6.4
v6.6.5
v6.6.6
v6.6.7
v6.6.8
v6.6.9
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.8.1
v6.8.10
v6.8.11
v6.8.2
v6.8.3
v6.8.4
v6.8.5
v6.8.6
v6.8.7
v6.8.8
v6.8.9
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7
v6.9.1
v6.9.2

Database specific

vanir_signatures

[
    {
        "deprecated": false,
        "target": {
            "file": "drivers/infiniband/core/cma.c",
            "function": "cma_validate_port"
        },
        "signature_type": "Function",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6564fc1818404254d1c9f7d75b403b4941516d26",
        "signature_version": "v1",
        "id": "CVE-2024-38539-127542f8",
        "digest": {
            "function_hash": "336517527794179833797600176359325828889",
            "length": 1066.0
        }
    },
    {
        "deprecated": false,
        "target": {
            "file": "drivers/infiniband/core/cma.c"
        },
        "signature_type": "Line",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9c0731832d3b7420cbadba6a7f334363bc8dfb15",
        "signature_version": "v1",
        "id": "CVE-2024-38539-7a1561d6",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "260295859106163110463334511633619815493",
                "35271626653409888932310475891024049092",
                "240964754394988684924410125325309735154",
                "30465260005226461248315766199277731931",
                "95261081099248492490970784879840131713"
            ]
        }
    },
    {
        "deprecated": false,
        "target": {
            "file": "drivers/infiniband/core/cma.c"
        },
        "signature_type": "Line",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3eb127dc408bf7959a4920d04d16ce10e863686a",
        "signature_version": "v1",
        "id": "CVE-2024-38539-b0573c8f",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "260295859106163110463334511633619815493",
                "35271626653409888932310475891024049092",
                "240964754394988684924410125325309735154",
                "30465260005226461248315766199277731931",
                "95261081099248492490970784879840131713"
            ]
        }
    },
    {
        "deprecated": false,
        "target": {
            "file": "drivers/infiniband/core/cma.c",
            "function": "cma_validate_port"
        },
        "signature_type": "Function",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b3a7fb93afd888793ef226e9665fbda98a95c48e",
        "signature_version": "v1",
        "id": "CVE-2024-38539-d625f91b",
        "digest": {
            "function_hash": "336517527794179833797600176359325828889",
            "length": 1066.0
        }
    },
    {
        "deprecated": false,
        "target": {
            "file": "drivers/infiniband/core/cma.c"
        },
        "signature_type": "Line",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b3a7fb93afd888793ef226e9665fbda98a95c48e",
        "signature_version": "v1",
        "id": "CVE-2024-38539-d9aed87b",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "260295859106163110463334511633619815493",
                "35271626653409888932310475891024049092",
                "240964754394988684924410125325309735154",
                "30465260005226461248315766199277731931",
                "95261081099248492490970784879840131713"
            ]
        }
    },
    {
        "deprecated": false,
        "target": {
            "file": "drivers/infiniband/core/cma.c",
            "function": "cma_validate_port"
        },
        "signature_type": "Function",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9c0731832d3b7420cbadba6a7f334363bc8dfb15",
        "signature_version": "v1",
        "id": "CVE-2024-38539-ddd090ed",
        "digest": {
            "function_hash": "336517527794179833797600176359325828889",
            "length": 1066.0
        }
    },
    {
        "deprecated": false,
        "target": {
            "file": "drivers/infiniband/core/cma.c",
            "function": "cma_validate_port"
        },
        "signature_type": "Function",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3eb127dc408bf7959a4920d04d16ce10e863686a",
        "signature_version": "v1",
        "id": "CVE-2024-38539-ea7147b5",
        "digest": {
            "function_hash": "336517527794179833797600176359325828889",
            "length": 1066.0
        }
    },
    {
        "deprecated": false,
        "target": {
            "file": "drivers/infiniband/core/cma.c"
        },
        "signature_type": "Line",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6564fc1818404254d1c9f7d75b403b4941516d26",
        "signature_version": "v1",
        "id": "CVE-2024-38539-f7e5164f",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "260295859106163110463334511633619815493",
                "35271626653409888932310475891024049092",
                "240964754394988684924410125325309735154",
                "30465260005226461248315766199277731931",
                "95261081099248492490970784879840131713"
            ]
        }
    }
]

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.6.0
Fixed
6.6.33
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.8.12
Type
ECOSYSTEM
Events
Introduced
6.9.0
Fixed
6.9.3