cve-2024-38595
Vulnerability from cvelistv5
Published
2024-06-19 13:45
Modified
2024-11-05 09:30
Severity ?
Summary
net/mlx5: Fix peer devlink set for SF representor devlink port
Impacted products
Vendor Product Version
Linux Linux Version: 6.9
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T04:12:25.973Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a0501201751034ebe7a22bd9483ed28fea1cd213"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/05d9d7b66836d87c914f8fdd4b062b78e373458d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3c453e8cc672de1f9c662948dba43176bc68d7f0"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-38595",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T17:13:40.656790Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:34:54.754Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/mellanox/mlx5/core/main.c",
            "drivers/net/ethernet/mellanox/mlx5/core/sf/dev/driver.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "a05012017510",
              "status": "affected",
              "version": "967caa3d37c0",
              "versionType": "git"
            },
            {
              "lessThan": "05d9d7b66836",
              "status": "affected",
              "version": "bf729988303a",
              "versionType": "git"
            },
            {
              "lessThan": "3c453e8cc672",
              "status": "affected",
              "version": "bf729988303a",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/mellanox/mlx5/core/main.c",
            "drivers/net/ethernet/mellanox/mlx5/core/sf/dev/driver.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.9"
            },
            {
              "lessThan": "6.9",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.8.*",
              "status": "unaffected",
              "version": "6.8.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.9.*",
              "status": "unaffected",
              "version": "6.9.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.10",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Fix peer devlink set for SF representor devlink port\n\nThe cited patch change register devlink flow, and neglect to reflect\nthe changes for peer devlink set logic. Peer devlink set is\ntriggering a call trace if done after devl_register.[1]\n\nHence, align peer devlink set logic with register devlink flow.\n\n[1]\nWARNING: CPU: 4 PID: 3394 at net/devlink/core.c:155 devlink_rel_nested_in_add+0x177/0x180\nCPU: 4 PID: 3394 Comm: kworker/u40:1 Not tainted 6.9.0-rc4_for_linust_min_debug_2024_04_16_14_08 #1\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nWorkqueue: mlx5_vhca_event0 mlx5_vhca_state_work_handler [mlx5_core]\nRIP: 0010:devlink_rel_nested_in_add+0x177/0x180\nCall Trace:\n \u003cTASK\u003e\n ? __warn+0x78/0x120\n ? devlink_rel_nested_in_add+0x177/0x180\n ? report_bug+0x16d/0x180\n ? handle_bug+0x3c/0x60\n ? exc_invalid_op+0x14/0x70\n ? asm_exc_invalid_op+0x16/0x20\n ? devlink_port_init+0x30/0x30\n ? devlink_port_type_clear+0x50/0x50\n ? devlink_rel_nested_in_add+0x177/0x180\n ? devlink_rel_nested_in_add+0xdd/0x180\n mlx5_sf_mdev_event+0x74/0xb0 [mlx5_core]\n notifier_call_chain+0x35/0xb0\n blocking_notifier_call_chain+0x3d/0x60\n mlx5_blocking_notifier_call_chain+0x22/0x30 [mlx5_core]\n mlx5_sf_dev_probe+0x185/0x3e0 [mlx5_core]\n auxiliary_bus_probe+0x38/0x80\n ? driver_sysfs_add+0x51/0x80\n really_probe+0xc5/0x3a0\n ? driver_probe_device+0x90/0x90\n __driver_probe_device+0x80/0x160\n driver_probe_device+0x1e/0x90\n __device_attach_driver+0x7d/0x100\n bus_for_each_drv+0x80/0xd0\n __device_attach+0xbc/0x1f0\n bus_probe_device+0x86/0xa0\n device_add+0x64f/0x860\n __auxiliary_device_add+0x3b/0xa0\n mlx5_sf_dev_add+0x139/0x330 [mlx5_core]\n mlx5_sf_dev_state_change_handler+0x1e4/0x250 [mlx5_core]\n notifier_call_chain+0x35/0xb0\n blocking_notifier_call_chain+0x3d/0x60\n mlx5_vhca_state_work_handler+0x151/0x200 [mlx5_core]\n process_one_work+0x13f/0x2e0\n worker_thread+0x2bd/0x3c0\n ? rescuer_thread+0x410/0x410\n kthread+0xc4/0xf0\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork+0x2d/0x50\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork_asm+0x11/0x20\n \u003c/TASK\u003e"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-05T09:30:34.739Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/a0501201751034ebe7a22bd9483ed28fea1cd213"
        },
        {
          "url": "https://git.kernel.org/stable/c/05d9d7b66836d87c914f8fdd4b062b78e373458d"
        },
        {
          "url": "https://git.kernel.org/stable/c/3c453e8cc672de1f9c662948dba43176bc68d7f0"
        }
      ],
      "title": "net/mlx5: Fix peer devlink set for SF representor devlink port",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-38595",
    "datePublished": "2024-06-19T13:45:45.336Z",
    "dateReserved": "2024-06-18T19:36:34.931Z",
    "dateUpdated": "2024-11-05T09:30:34.739Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-38595\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-06-19T14:15:19.550\",\"lastModified\":\"2024-11-21T09:26:26.517\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nnet/mlx5: Fix peer devlink set for SF representor devlink port\\n\\nThe cited patch change register devlink flow, and neglect to reflect\\nthe changes for peer devlink set logic. Peer devlink set is\\ntriggering a call trace if done after devl_register.[1]\\n\\nHence, align peer devlink set logic with register devlink flow.\\n\\n[1]\\nWARNING: CPU: 4 PID: 3394 at net/devlink/core.c:155 devlink_rel_nested_in_add+0x177/0x180\\nCPU: 4 PID: 3394 Comm: kworker/u40:1 Not tainted 6.9.0-rc4_for_linust_min_debug_2024_04_16_14_08 #1\\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\\nWorkqueue: mlx5_vhca_event0 mlx5_vhca_state_work_handler [mlx5_core]\\nRIP: 0010:devlink_rel_nested_in_add+0x177/0x180\\nCall Trace:\\n \u003cTASK\u003e\\n ? __warn+0x78/0x120\\n ? devlink_rel_nested_in_add+0x177/0x180\\n ? report_bug+0x16d/0x180\\n ? handle_bug+0x3c/0x60\\n ? exc_invalid_op+0x14/0x70\\n ? asm_exc_invalid_op+0x16/0x20\\n ? devlink_port_init+0x30/0x30\\n ? devlink_port_type_clear+0x50/0x50\\n ? devlink_rel_nested_in_add+0x177/0x180\\n ? devlink_rel_nested_in_add+0xdd/0x180\\n mlx5_sf_mdev_event+0x74/0xb0 [mlx5_core]\\n notifier_call_chain+0x35/0xb0\\n blocking_notifier_call_chain+0x3d/0x60\\n mlx5_blocking_notifier_call_chain+0x22/0x30 [mlx5_core]\\n mlx5_sf_dev_probe+0x185/0x3e0 [mlx5_core]\\n auxiliary_bus_probe+0x38/0x80\\n ? driver_sysfs_add+0x51/0x80\\n really_probe+0xc5/0x3a0\\n ? driver_probe_device+0x90/0x90\\n __driver_probe_device+0x80/0x160\\n driver_probe_device+0x1e/0x90\\n __device_attach_driver+0x7d/0x100\\n bus_for_each_drv+0x80/0xd0\\n __device_attach+0xbc/0x1f0\\n bus_probe_device+0x86/0xa0\\n device_add+0x64f/0x860\\n __auxiliary_device_add+0x3b/0xa0\\n mlx5_sf_dev_add+0x139/0x330 [mlx5_core]\\n mlx5_sf_dev_state_change_handler+0x1e4/0x250 [mlx5_core]\\n notifier_call_chain+0x35/0xb0\\n blocking_notifier_call_chain+0x3d/0x60\\n mlx5_vhca_state_work_handler+0x151/0x200 [mlx5_core]\\n process_one_work+0x13f/0x2e0\\n worker_thread+0x2bd/0x3c0\\n ? rescuer_thread+0x410/0x410\\n kthread+0xc4/0xf0\\n ? kthread_complete_and_exit+0x20/0x20\\n ret_from_fork+0x2d/0x50\\n ? kthread_complete_and_exit+0x20/0x20\\n ret_from_fork_asm+0x11/0x20\\n \u003c/TASK\u003e\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net/mlx5: corrige el conjunto de enlaces de desarrollo de pares para el puerto devlink del representante SF. El flujo de devlink del registro de cambios de parche citado y no refleja los cambios para la l\u00f3gica del conjunto de enlaces de desarrollo de pares. El conjunto de devlink de pares activa un seguimiento de llamadas si se realiza despu\u00e9s de devl_register.[1] Por lo tanto, alinee la l\u00f3gica del conjunto de devlink de pares con el flujo de registro de devlink. [1] ADVERTENCIA: CPU: 4 PID: 3394 en net/devlink/core.c:155 devlink_rel_nested_in_add+0x177/0x180 CPU: 4 PID: 3394 Comm: kworker/u40:1 No contaminado 6.9.0-rc4_for_linust_min_debug_2024_04_16_14_0 8 #1 Nombre del hardware : PC est\u00e1ndar QEMU (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 01/04/2014 Cola de trabajo: mlx5_vhca_event0 mlx5_vhca_state_work_handler [mlx5_core] RIP 0010:devlink_rel_nested_in_ agregar+0x177/0x180 Llamar Seguimiento:  ? __advertir+0x78/0x120 ? devlink_rel_nested_in_add+0x177/0x180? report_bug+0x16d/0x180? handle_bug+0x3c/0x60? exc_invalid_op+0x14/0x70? asm_exc_invalid_op+0x16/0x20? devlink_port_init+0x30/0x30? devlink_port_type_clear+0x50/0x50? devlink_rel_nested_in_add+0x177/0x180? devlink_rel_nested_in_add+0xdd/0x180 mlx5_sf_mdev_event+0x74/0xb0 [mlx5_core] notifier_call_chain+0x35/0xb0 blocking_notifier_call_chain+0x3d/0x60 mlx5_blocking_notifier_call_chain+0x22/0x30 [mlx5_core] x5_sf_dev_probe+0x185/0x3e0 [mlx5_core] auxiliar_bus_probe+0x38/0x80? driver_sysfs_add+0x51/0x80 realmente_probe+0xc5/0x3a0? driver_probe_device+0x90/0x90 __driver_probe_device+0x80/0x160 driver_probe_device+0x1e/0x90 __device_attach_driver+0x7d/0x100 bus_for_each_drv+0x80/0xd0 __device_attach+0xbc/0x1f0 bus_probe_device+0x8 6/0xa0 dispositivo_add+0x64f/0x860 __auxiliary_device_add+0x3b/0xa0 mlx5_sf_dev_add+0x139/0x330 [mlx5_core] mlx5_sf_dev_state_change_handler+0x1e4/0x250 [mlx5_core] notifier_call_chain+0x35/0xb0 blocking_notifier_call_chain+0x3d/0x60 mlx5_vhca_state_work_handler+0x151/0x200 [mlx5_core Process_one_work+0x13f] /0x2e0 hilo_trabajador+0x2bd/0x3c0 ? hilo_rescate+0x410/0x410 kthread+0xc4/0xf0 ? kthread_complete_and_exit+0x20/0x20 ret_from_fork+0x2d/0x50 ? kthread_complete_and_exit+0x20/0x20 ret_from_fork_asm+0x11/0x20 \"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/05d9d7b66836d87c914f8fdd4b062b78e373458d\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/3c453e8cc672de1f9c662948dba43176bc68d7f0\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/a0501201751034ebe7a22bd9483ed28fea1cd213\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/05d9d7b66836d87c914f8fdd4b062b78e373458d\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/3c453e8cc672de1f9c662948dba43176bc68d7f0\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/a0501201751034ebe7a22bd9483ed28fea1cd213\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.