CVE-2024-36476

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-36476
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-36476.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-36476
Downstream
Related
Published
2025-01-15T13:15:09Z
Modified
2025-08-09T20:01:26Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

RDMA/rtrs: Ensure 'ib_sge list' is accessible

Move the declaration of the 'ibsge list' variable outside the 'alwaysinvalidate' block to ensure it remains accessible for use throughout the function.

Previously, 'ibsge list' was declared within the 'alwaysinvalidate' block, limiting its accessibility, then caused a 'BUG: kernel NULL pointer dereference'[1]. ? _diebody.cold+0x19/0x27 ? pagefaultoops+0x15a/0x2d0 ? searchmoduleextables+0x19/0x60 ? searchbpfextables+0x5f/0x80 ? excpagefault+0x7e/0x180 ? asmexcpagefault+0x26/0x30 ? memcpyorig+0xd5/0x140 rxemrcopy+0x1c3/0x200 [rdmarxe] ? rxepoolgetindex+0x4b/0x80 [rdmarxe] copydata+0xa5/0x230 [rdmarxe] rxerequester+0xd9b/0xf70 [rdmarxe] ? finishtaskswitch.isra.0+0x99/0x2e0 rxesender+0x13/0x40 [rdmarxe] dotask+0x68/0x1e0 [rdmarxe] processonework+0x177/0x330 workerthread+0x252/0x390 ? _pfxworker_thread+0x10/0x10

This change ensures the variable is available for subsequent operations that require it.

[1] https://lore.kernel.org/linux-rdma/6a1f3e8f-deb0-49f9-bc69-a9b03ecfcda7@fujitsu.com/

References

Affected packages