CVE-2024-53138
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-53138
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-53138.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-53138
- Downstream
- Related
- Published
- 2024-12-04T15:15:13Z
- Modified
- 2025-08-09T20:01:27Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
net/mlx5e: kTLS, Fix incorrect page refcounting
The kTLS tx handling code is using a mix of getpage() and pagerefinc() APIs to increment the page reference. But on the release path (mlx5ektlstxhandleresyncdumpcomp()), only putpage() is used.
This is an issue when using pages from large folios: the getpage() references are stored on the folio page while the pageref_inc() references are stored directly in the given page. On release the folio page will be dereferenced too many times.
This was found while doing kTLS testing with sendfile() + ZC when the served file was read from NFS on a kernel with NFS large folios support (commit 49b29a573da8 ("nfs: add support for large folios")).
- References
-
- https://git.kernel.org/stable/c/2723e8b2cbd486cb96e5a61b22473f7fd62e18df
- https://git.kernel.org/stable/c/69fbd07f17b0fdaf8970bc705f5bf115c297839d
- https://git.kernel.org/stable/c/93a14620b97c911489a5b008782f3d9b0c4aeff4
- https://git.kernel.org/stable/c/dd6e972cc5890d91d6749bb48e3912721c4e4b25
- https://git.kernel.org/stable/c/a0ddb20a748b122ea86003485f7992fa5e84cc95
- https://git.kernel.org/stable/c/c7b97f9e794d8e2bbaa50e1d6c230196fd214b5e
- https://git.kernel.org/stable/c/ffad2ac8c859c1c1a981fe9c4f7ff925db684a43