CVE-2024-38539

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-38539
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-38539.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-38539
Related
Published
2024-06-19T14:15:14Z
Modified
2024-09-11T05:04:15.200038Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

RDMA/cma: Fix kmemleak in rdma_core observed during blktests nvme/rdma use siw

When running blktests nvme/rdma, the following kmemleak issue will appear.

kmemleak: Kernel memory leak detector initialized (mempool available:36041) kmemleak: Automatic memory scanning thread started kmemleak: 2 new suspected memory leaks (see /sys/kernel/debug/kmemleak) kmemleak: 8 new suspected memory leaks (see /sys/kernel/debug/kmemleak) kmemleak: 17 new suspected memory leaks (see /sys/kernel/debug/kmemleak) kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak)

unreferenced object 0xffff88855da53400 (size 192): comm "rdma", pid 10630, jiffies 4296575922 hex dump (first 32 bytes): 37 00 00 00 00 00 00 00 c0 ff ff ff 1f 00 00 00 7............... 10 34 a5 5d 85 88 ff ff 10 34 a5 5d 85 88 ff ff .4.].....4.].... backtrace (crc 47f66721): [<ffffffff911251bd>] kmalloctrace+0x30d/0x3b0 [<ffffffffc2640ff7>] allocgidentry+0x47/0x380 [ibcore] [<ffffffffc2642206>] addmodifygid+0x166/0x930 [ibcore] [<ffffffffc2643468>] ibcacheupdate.part.0+0x6d8/0x910 [ibcore] [<ffffffffc2644e1a>] ibcachesetupone+0x24a/0x350 [ibcore] [<ffffffffc263949e>] ibregisterdevice+0x9e/0x3a0 [ibcore] [<ffffffffc2a3d389>] 0xffffffffc2a3d389 [<ffffffffc2688cd8>] nldevnewlink+0x2b8/0x520 [ibcore] [<ffffffffc2645fe3>] rdmanlrcvmsg+0x2c3/0x520 [ibcore] [<ffffffffc264648c>] rdmanlrcvskb.constprop.0.isra.0+0x23c/0x3a0 [ibcore] [<ffffffff9270e7b5>] netlinkunicast+0x445/0x710 [<ffffffff9270f1f1>] netlinksendmsg+0x761/0xc40 [<ffffffff9249db29>] _syssendto+0x3a9/0x420 [<ffffffff9249dc8c>] _x64syssendto+0xdc/0x1b0 [<ffffffff92db0ad3>] dosyscall64+0x93/0x180 [<ffffffff92e00126>] entrySYSCALL64afterhwframe+0x71/0x79

The root cause: rdmaputgidattr is not called when sgidattr is set to ERR_PTR(-ENODEV).

References

Affected packages

Debian:13 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.8.12-1

Affected versions

6.*

6.1.27-1
6.1.37-1
6.1.38-1
6.1.38-2~bpo11+1
6.1.38-2
6.1.38-3
6.1.38-4~bpo11+1
6.1.38-4
6.1.52-1
6.1.55-1~bpo11+1
6.1.55-1
6.1.64-1
6.1.66-1
6.1.67-1
6.1.69-1~bpo11+1
6.1.69-1
6.1.76-1~bpo11+1
6.1.76-1
6.1.82-1
6.1.85-1
6.1.90-1~bpo11+1
6.1.90-1
6.1.94-1~bpo11+1
6.1.94-1
6.1.98-1
6.1.99-1
6.1.106-1
6.1.106-2
6.1.106-3
6.3.1-1~exp1
6.3.2-1~exp1
6.3.4-1~exp1
6.3.5-1~exp1
6.3.7-1~bpo12+1
6.3.7-1
6.3.11-1
6.4~rc6-1~exp1
6.4~rc7-1~exp1
6.4.1-1~exp1
6.4.4-1~bpo12+1
6.4.4-1
6.4.4-2
6.4.4-3~bpo12+1
6.4.4-3
6.4.11-1
6.4.13-1
6.5~rc4-1~exp1
6.5~rc6-1~exp1
6.5~rc7-1~exp1
6.5.1-1~exp1
6.5.3-1~bpo12+1
6.5.3-1
6.5.6-1
6.5.8-1
6.5.10-1~bpo12+1
6.5.10-1
6.5.13-1
6.6.3-1~exp1
6.6.4-1~exp1
6.6.7-1~exp1
6.6.8-1
6.6.9-1
6.6.11-1
6.6.13-1~bpo12+1
6.6.13-1
6.6.15-1
6.6.15-2
6.7-1~exp1
6.7.1-1~exp1
6.7.4-1~exp1
6.7.7-1
6.7.9-1
6.7.9-2
6.7.12-1~bpo12+1
6.7.12-1
6.8.9-1
6.8.11-1
6.8.12-1~bpo12+1

Ecosystem specific

{
    "urgency": "not yet assigned"
}