CVE-2024-36476
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-36476
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-36476.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-36476
- Downstream
- Related
- Published
- 2025-01-15T13:15:09Z
- Modified
- 2025-08-09T20:01:26Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
RDMA/rtrs: Ensure 'ib_sge list' is accessible
Move the declaration of the 'ibsge list' variable outside the 'alwaysinvalidate' block to ensure it remains accessible for use throughout the function.
Previously, 'ibsge list' was declared within the 'alwaysinvalidate' block, limiting its accessibility, then caused a 'BUG: kernel NULL pointer dereference'[1]. ? _diebody.cold+0x19/0x27 ? pagefaultoops+0x15a/0x2d0 ? searchmoduleextables+0x19/0x60 ? searchbpfextables+0x5f/0x80 ? excpagefault+0x7e/0x180 ? asmexcpagefault+0x26/0x30 ? memcpyorig+0xd5/0x140 rxemrcopy+0x1c3/0x200 [rdmarxe] ? rxepoolgetindex+0x4b/0x80 [rdmarxe] copydata+0xa5/0x230 [rdmarxe] rxerequester+0xd9b/0xf70 [rdmarxe] ? finishtaskswitch.isra.0+0x99/0x2e0 rxesender+0x13/0x40 [rdmarxe] dotask+0x68/0x1e0 [rdmarxe] processonework+0x177/0x330 workerthread+0x252/0x390 ? _pfxworker_thread+0x10/0x10
This change ensures the variable is available for subsequent operations that require it.
[1] https://lore.kernel.org/linux-rdma/6a1f3e8f-deb0-49f9-bc69-a9b03ecfcda7@fujitsu.com/
- References
-
- https://git.kernel.org/stable/c/143378075904e78b3b2a810099bcc3b3d82d762f
- https://git.kernel.org/stable/c/32e1e748a85bd52b20b3857d80fd166d22fa455a
- https://git.kernel.org/stable/c/6ffb5c1885195ae5211a12b4acd2d51843ca41b0
- https://git.kernel.org/stable/c/7eaa71f56a6f7ab87957213472dc6d4055862722
- https://git.kernel.org/stable/c/b238f61cc394d5fef27b26d7d9aa383ebfddabb0
- https://git.kernel.org/stable/c/fb514b31395946022f13a08e06a435f53cf9e8b3