Bugzilla – Bug 1227824
VUL-0: CVE-2024-40990: kernel: RDMA/mlx5: Add check for srq max_sge attribute
Last modified: 2024-07-17 16:12:38 UTC
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Add check for srq max_sge attribute max_sge attribute is passed by the user, and is inserted and used unchecked, so verify that the value doesn't exceed maximum allowed value before using it. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-40990 https://www.cve.org/CVERecord?id=CVE-2024-40990 https://git.kernel.org/stable/c/1e692244bf7dd827dd72edc6c4a3b36ae572f03c https://git.kernel.org/stable/c/36ab7ada64caf08f10ee5a114d39964d1f91e81d https://git.kernel.org/stable/c/4ab99e3613139f026d2d8ba954819e2876120ab3 https://git.kernel.org/stable/c/7186b81c1f15e39069b1af172c6a951728ed3511 https://git.kernel.org/stable/c/999586418600b4b3b93c2a0edd3a4ca71ee759bf https://git.kernel.org/stable/c/e0deb0e9c967b61420235f7f17a4450b4b4d6ce2 https://git.kernel.org/pub/scm/linux/security/vulns.git/plain/cve/published/2024/CVE-2024-40990.mbox