CVE-2024-38606
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-38606
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-38606.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-38606
- Downstream
- Related
- Published
- 2024-06-19T13:48:16Z
- Modified
- 2025-10-17T07:09:16.512339Z
- Summary
- crypto: qat - validate slices count returned by FW
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
crypto: qat - validate slices count returned by FW
The function adfsendadmintlstart() enables the telemetry (TL) feature on a QAT device by sending the ICPQATFWTLSTART message to the firmware. This triggers the FW to start writing TL data to a DMA buffer in memory and returns an array containing the number of accelerators of each type (slices) supported by this HW. The pointer to this array is stored in the adftlhwdata data structure called slicecnt.
The array slicecnt is then used in the function tlprintdevdata() to report in debugfs only statistics about the supported accelerators. An incorrect value of the elements in slice_cnt might lead to an out of bounds memory read. At the moment, there isn't an implementation of FW that returns a wrong value, but for robustness validate the slice count array returned by FW.
- References
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced69e7649f7cc2aaa7889174456d39319a623c1a18Fixede57ed345e2e6043629fc74aa5be051415dcc4f77
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced69e7649f7cc2aaa7889174456d39319a623c1a18Fixed9b284b915e2a5e63ca133353f8c456eff4446f82
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced69e7649f7cc2aaa7889174456d39319a623c1a18Fixed483fd65ce29317044d1d00757e3fd23503b6b04c
Affected versions
v6.*
v6.7
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.8.1
v6.8.10
v6.8.11
v6.8.2
v6.8.3
v6.8.4
v6.8.5
v6.8.6
v6.8.7
v6.8.8
v6.8.9
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7
v6.9.1
v6.9.2
Database specific
vanir_signatures
[
{
"id": "CVE-2024-38606-16cc70a9",
"signature_type": "Line",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9b284b915e2a5e63ca133353f8c456eff4446f82",
"target": {
"file": "drivers/crypto/intel/qat/qat_common/adf_telemetry.h"
},
"deprecated": false,
"signature_version": "v1",
"digest": {
"line_hashes": [
"180061455649047354109625475621080265787",
"229216177846901429860204781757742965573",
"106101217354350026848629223566616525013",
"37249914973876651882201340517962811960"
],
"threshold": 0.9
}
},
{
"id": "CVE-2024-38606-2075a092",
"signature_type": "Line",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@483fd65ce29317044d1d00757e3fd23503b6b04c",
"target": {
"file": "drivers/crypto/intel/qat/qat_common/adf_telemetry.c"
},
"deprecated": false,
"signature_version": "v1",
"digest": {
"line_hashes": [
"29753369863746486633864985455846459079",
"204288953080831280888748798697466544407",
"143906787657703220579300562194878075795",
"118372063464582343671933344137209069361",
"247249279103520865512820627663690470636",
"167461233300855914547223562221027432946"
],
"threshold": 0.9
}
},
{
"id": "CVE-2024-38606-3412fbbc",
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9b284b915e2a5e63ca133353f8c456eff4446f82",
"target": {
"file": "drivers/crypto/intel/qat/qat_common/adf_telemetry.c",
"function": "adf_tl_run"
},
"deprecated": false,
"signature_version": "v1",
"digest": {
"length": 489.0,
"function_hash": "71477640490032360825763142958712723400"
}
},
{
"id": "CVE-2024-38606-3d7ae64f",
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@483fd65ce29317044d1d00757e3fd23503b6b04c",
"target": {
"file": "drivers/crypto/intel/qat/qat_common/adf_telemetry.c",
"function": "adf_tl_run"
},
"deprecated": false,
"signature_version": "v1",
"digest": {
"length": 489.0,
"function_hash": "71477640490032360825763142958712723400"
}
},
{
"id": "CVE-2024-38606-5f787e36",
"signature_type": "Line",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e57ed345e2e6043629fc74aa5be051415dcc4f77",
"target": {
"file": "drivers/crypto/intel/qat/qat_common/adf_telemetry.c"
},
"deprecated": false,
"signature_version": "v1",
"digest": {
"line_hashes": [
"29753369863746486633864985455846459079",
"204288953080831280888748798697466544407",
"143906787657703220579300562194878075795",
"118372063464582343671933344137209069361",
"247249279103520865512820627663690470636",
"167461233300855914547223562221027432946"
],
"threshold": 0.9
}
},
{
"id": "CVE-2024-38606-761de9f2",
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@483fd65ce29317044d1d00757e3fd23503b6b04c",
"target": {
"file": "drivers/crypto/intel/qat/qat_common/adf_gen4_tl.c",
"function": "adf_gen4_init_tl_data"
},
"deprecated": false,
"signature_version": "v1",
"digest": {
"length": 719.0,
"function_hash": "181436277110161818537366086549746027014"
}
},
{
"id": "CVE-2024-38606-7e9c2414",
"signature_type": "Line",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@483fd65ce29317044d1d00757e3fd23503b6b04c",
"target": {
"file": "drivers/crypto/intel/qat/qat_common/adf_gen4_tl.c"
},
"deprecated": false,
"signature_version": "v1",
"digest": {
"line_hashes": [
"68287094432513464294544817278734269016",
"258530929148589624709759790311487955804",
"58245585901053150131811661421880545053"
],
"threshold": 0.9
}
},
{
"id": "CVE-2024-38606-ad492e7c",
"signature_type": "Line",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9b284b915e2a5e63ca133353f8c456eff4446f82",
"target": {
"file": "drivers/crypto/intel/qat/qat_common/adf_gen4_tl.c"
},
"deprecated": false,
"signature_version": "v1",
"digest": {
"line_hashes": [
"68287094432513464294544817278734269016",
"258530929148589624709759790311487955804",
"58245585901053150131811661421880545053"
],
"threshold": 0.9
}
},
{
"id": "CVE-2024-38606-b7d0d73f",
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9b284b915e2a5e63ca133353f8c456eff4446f82",
"target": {
"file": "drivers/crypto/intel/qat/qat_common/adf_gen4_tl.c",
"function": "adf_gen4_init_tl_data"
},
"deprecated": false,
"signature_version": "v1",
"digest": {
"length": 719.0,
"function_hash": "181436277110161818537366086549746027014"
}
},
{
"id": "CVE-2024-38606-c02112a1",
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e57ed345e2e6043629fc74aa5be051415dcc4f77",
"target": {
"file": "drivers/crypto/intel/qat/qat_common/adf_gen4_tl.c",
"function": "adf_gen4_init_tl_data"
},
"deprecated": false,
"signature_version": "v1",
"digest": {
"length": 719.0,
"function_hash": "181436277110161818537366086549746027014"
}
},
{
"id": "CVE-2024-38606-c963c2e6",
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e57ed345e2e6043629fc74aa5be051415dcc4f77",
"target": {
"file": "drivers/crypto/intel/qat/qat_common/adf_telemetry.c",
"function": "adf_tl_run"
},
"deprecated": false,
"signature_version": "v1",
"digest": {
"length": 489.0,
"function_hash": "71477640490032360825763142958712723400"
}
},
{
"id": "CVE-2024-38606-cb034f05",
"signature_type": "Line",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e57ed345e2e6043629fc74aa5be051415dcc4f77",
"target": {
"file": "drivers/crypto/intel/qat/qat_common/adf_gen4_tl.c"
},
"deprecated": false,
"signature_version": "v1",
"digest": {
"line_hashes": [
"68287094432513464294544817278734269016",
"258530929148589624709759790311487955804",
"58245585901053150131811661421880545053"
],
"threshold": 0.9
}
},
{
"id": "CVE-2024-38606-cb50a693",
"signature_type": "Line",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e57ed345e2e6043629fc74aa5be051415dcc4f77",
"target": {
"file": "drivers/crypto/intel/qat/qat_common/adf_telemetry.h"
},
"deprecated": false,
"signature_version": "v1",
"digest": {
"line_hashes": [
"180061455649047354109625475621080265787",
"229216177846901429860204781757742965573",
"106101217354350026848629223566616525013",
"37249914973876651882201340517962811960"
],
"threshold": 0.9
}
},
{
"id": "CVE-2024-38606-d1878328",
"signature_type": "Line",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9b284b915e2a5e63ca133353f8c456eff4446f82",
"target": {
"file": "drivers/crypto/intel/qat/qat_common/adf_telemetry.c"
},
"deprecated": false,
"signature_version": "v1",
"digest": {
"line_hashes": [
"29753369863746486633864985455846459079",
"204288953080831280888748798697466544407",
"143906787657703220579300562194878075795",
"118372063464582343671933344137209069361",
"247249279103520865512820627663690470636",
"167461233300855914547223562221027432946"
],
"threshold": 0.9
}
},
{
"id": "CVE-2024-38606-e5cb76fa",
"signature_type": "Line",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@483fd65ce29317044d1d00757e3fd23503b6b04c",
"target": {
"file": "drivers/crypto/intel/qat/qat_common/adf_telemetry.h"
},
"deprecated": false,
"signature_version": "v1",
"digest": {
"line_hashes": [
"180061455649047354109625475621080265787",
"229216177846901429860204781757742965573",
"106101217354350026848629223566616525013",
"37249914973876651882201340517962811960"
],
"threshold": 0.9
}
}
]