CVE-2024-38595

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-38595
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-38595.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-38595
Related
Published
2024-06-19T14:15:19Z
Modified
2024-09-11T04:59:20.676928Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

net/mlx5: Fix peer devlink set for SF representor devlink port

The cited patch change register devlink flow, and neglect to reflect the changes for peer devlink set logic. Peer devlink set is triggering a call trace if done after devl_register.[1]

Hence, align peer devlink set logic with register devlink flow.

[1] WARNING: CPU: 4 PID: 3394 at net/devlink/core.c:155 devlinkrelnestedinadd+0x177/0x180 CPU: 4 PID: 3394 Comm: kworker/u40:1 Not tainted 6.9.0-rc4forlinustmindebug202404161408 #1 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014 Workqueue: mlx5vhcaevent0 mlx5vhcastateworkhandler [mlx5core] RIP: 0010:devlinkrelnestedinadd+0x177/0x180 Call Trace: <TASK> ? _warn+0x78/0x120 ? devlinkrelnestedinadd+0x177/0x180 ? reportbug+0x16d/0x180 ? handlebug+0x3c/0x60 ? excinvalidop+0x14/0x70 ? asmexcinvalidop+0x16/0x20 ? devlinkportinit+0x30/0x30 ? devlinkporttypeclear+0x50/0x50 ? devlinkrelnestedinadd+0x177/0x180 ? devlinkrelnestedinadd+0xdd/0x180 mlx5sfmdevevent+0x74/0xb0 [mlx5core] notifiercallchain+0x35/0xb0 blockingnotifiercallchain+0x3d/0x60 mlx5blockingnotifiercallchain+0x22/0x30 [mlx5core] mlx5sfdevprobe+0x185/0x3e0 [mlx5core] auxiliarybusprobe+0x38/0x80 ? driversysfsadd+0x51/0x80 reallyprobe+0xc5/0x3a0 ? driverprobedevice+0x90/0x90 _driverprobedevice+0x80/0x160 driverprobedevice+0x1e/0x90 _deviceattachdriver+0x7d/0x100 busforeachdrv+0x80/0xd0 _deviceattach+0xbc/0x1f0 busprobedevice+0x86/0xa0 deviceadd+0x64f/0x860 _auxiliarydeviceadd+0x3b/0xa0 mlx5sfdevadd+0x139/0x330 [mlx5core] mlx5sfdevstatechangehandler+0x1e4/0x250 [mlx5core] notifiercallchain+0x35/0xb0 blockingnotifiercallchain+0x3d/0x60 mlx5vhcastateworkhandler+0x151/0x200 [mlx5core] processonework+0x13f/0x2e0 workerthread+0x2bd/0x3c0 ? rescuerthread+0x410/0x410 kthread+0xc4/0xf0 ? kthreadcompleteandexit+0x20/0x20 retfromfork+0x2d/0x50 ? kthreadcompleteandexit+0x20/0x20 retfromforkasm+0x11/0x20 </TASK>

References

Affected packages

Debian:13 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.8.12-1

Affected versions

6.*

6.1.27-1
6.1.37-1
6.1.38-1
6.1.38-2~bpo11+1
6.1.38-2
6.1.38-3
6.1.38-4~bpo11+1
6.1.38-4
6.1.52-1
6.1.55-1~bpo11+1
6.1.55-1
6.1.64-1
6.1.66-1
6.1.67-1
6.1.69-1~bpo11+1
6.1.69-1
6.1.76-1~bpo11+1
6.1.76-1
6.1.82-1
6.1.85-1
6.1.90-1~bpo11+1
6.1.90-1
6.1.94-1~bpo11+1
6.1.94-1
6.1.98-1
6.1.99-1
6.1.106-1
6.1.106-2
6.1.106-3
6.3.1-1~exp1
6.3.2-1~exp1
6.3.4-1~exp1
6.3.5-1~exp1
6.3.7-1~bpo12+1
6.3.7-1
6.3.11-1
6.4~rc6-1~exp1
6.4~rc7-1~exp1
6.4.1-1~exp1
6.4.4-1~bpo12+1
6.4.4-1
6.4.4-2
6.4.4-3~bpo12+1
6.4.4-3
6.4.11-1
6.4.13-1
6.5~rc4-1~exp1
6.5~rc6-1~exp1
6.5~rc7-1~exp1
6.5.1-1~exp1
6.5.3-1~bpo12+1
6.5.3-1
6.5.6-1
6.5.8-1
6.5.10-1~bpo12+1
6.5.10-1
6.5.13-1
6.6.3-1~exp1
6.6.4-1~exp1
6.6.7-1~exp1
6.6.8-1
6.6.9-1
6.6.11-1
6.6.13-1~bpo12+1
6.6.13-1
6.6.15-1
6.6.15-2
6.7-1~exp1
6.7.1-1~exp1
6.7.4-1~exp1
6.7.7-1
6.7.9-1
6.7.9-2
6.7.12-1~bpo12+1
6.7.12-1
6.8.9-1
6.8.11-1
6.8.12-1~bpo12+1

Ecosystem specific

{
    "urgency": "not yet assigned"
}