CVE-2024-36476
- Source
- https://cve.org/CVERecord?id=CVE-2024-36476
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-36476.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-36476
- Downstream
- Related
- Published
- 2025-01-15T13:10:20.507Z
- Modified
- 2026-03-20T12:36:49.788831Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- RDMA/rtrs: Ensure 'ib_sge list' is accessible
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
RDMA/rtrs: Ensure 'ib_sge list' is accessible
Move the declaration of the 'ibsge list' variable outside the 'alwaysinvalidate' block to ensure it remains accessible for use throughout the function.
Previously, 'ibsge list' was declared within the 'alwaysinvalidate' block, limiting its accessibility, then caused a 'BUG: kernel NULL pointer dereference'[1]. ? __diebody.cold+0x19/0x27 ? pagefault_oops+0x15a/0x2d0 ? searchmoduleextables+0x19/0x60 ? searchbpfextables+0x5f/0x80 ? excpagefault+0x7e/0x180 ? asmexcpagefault+0x26/0x30 ? memcpyorig+0xd5/0x140 rxemrcopy+0x1c3/0x200 [rdmarxe] ? rxepoolgetindex+0x4b/0x80 [rdmarxe] copydata+0xa5/0x230 [rdmarxe] rxerequester+0xd9b/0xf70 [rdmarxe] ? finishtaskswitch.isra.0+0x99/0x2e0 rxesender+0x13/0x40 [rdmarxe] dotask+0x68/0x1e0 [rdmarxe] processonework+0x177/0x330 workerthread+0x252/0x390 ? __pfxworkerthread+0x10/0x10
This change ensures the variable is available for subsequent operations that require it.
[1] https://lore.kernel.org/linux-rdma/6a1f3e8f-deb0-49f9-bc69-a9b03ecfcda7@fujitsu.com/
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/36xxx/CVE-2024-36476.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/stable/c/143378075904e78b3b2a810099bcc3b3d82d762f
- https://git.kernel.org/stable/c/32e1e748a85bd52b20b3857d80fd166d22fa455a
- https://git.kernel.org/stable/c/6ffb5c1885195ae5211a12b4acd2d51843ca41b0
- https://git.kernel.org/stable/c/7eaa71f56a6f7ab87957213472dc6d4055862722
- https://git.kernel.org/stable/c/b238f61cc394d5fef27b26d7d9aa383ebfddabb0
- https://git.kernel.org/stable/c/fb514b31395946022f13a08e06a435f53cf9e8b3
- https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html
- https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/36xxx/CVE-2024-36476.json
- https://nvd.nist.gov/vuln/detail/CVE-2024-36476
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced9cb837480424e78ed585376f944088246685aec3Fixed7eaa71f56a6f7ab87957213472dc6d4055862722Fixed143378075904e78b3b2a810099bcc3b3d82d762fFixed32e1e748a85bd52b20b3857d80fd166d22fa455aFixedb238f61cc394d5fef27b26d7d9aa383ebfddabb0Fixed6ffb5c1885195ae5211a12b4acd2d51843ca41b0Fixedfb514b31395946022f13a08e06a435f53cf9e8b3