 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| CVE ID: | CVE-2024-36007 |
| Description: | In the Linux kernel, the following vulnerability has been resolved:
mlxsw: spectrum_acl_tcam: Fix warning during rehash As previously
explained, the rehash delayed work migrates filters from one region to
another. This is done by iterating over all chunks (all the filters
with the same priority) in the region and in each chunk iterating over
all the filters. When the work runs out of credits it stores the
current chunk and entry as markers in the per-work context so that it
would know where to resume the migration from the next time the work
is scheduled. Upon error, the chunk marker is reset to NULL, but
without resetting the entry markers despite being relative to it. This
can result in migration being resumed from an entry that does not
belong to the chunk being migrated. In turn, this will eventually lead
to a chunk being iterated over as if it is an entry. Because of how
the two structures happen to be defined, this does not lead to KASAN
splats, but to warnings such as [1]. Fix by creating a helper that
resets all the markers and call it from all the places the currently
only reset the chunk marker. For good measures also call it when
starting a completely new rehash. Add a warning to avoid future cases.
[1] WARNING: CPU: 7 PID: 1076 at
drivers/net/ethernet/mellanox/mlxsw/core_acl_flex_keys.c:407
mlxsw_afk_encode+0x242/0x2f0 Modules linked in: CPU: 7 PID: 1076 Comm:
kworker/7:24 Tainted: G W 6.9.0-rc3-custom-00880-g29e61d91b77b #29
Hardware name: Mellanox Technologies Ltd. MSN3700/VMOD0005, BIOS 5.11
01/06/2019 Workqueue: mlxsw_core mlxsw_sp_acl_tcam_vregion_rehash_work
RIP: 0010:mlxsw_afk_encode+0x242/0x2f0 [...] Call Trace: |
| Test IDs: | None available |
| Cross References: |
Common Vulnerability Exposure (CVE) ID: CVE-2024-36007 https://git.kernel.org/stable/c/039992b6d2df097c65f480dcf269de3d2656f573 https://git.kernel.org/stable/c/039992b6d2df097c65f480dcf269de3d2656f573 https://git.kernel.org/stable/c/0b88631855026b55cad901ac28d081e0f358e596 https://git.kernel.org/stable/c/0b88631855026b55cad901ac28d081e0f358e596 https://git.kernel.org/stable/c/17e9e0bbae652b9b2049e51699e93dfa60b2988d https://git.kernel.org/stable/c/17e9e0bbae652b9b2049e51699e93dfa60b2988d https://git.kernel.org/stable/c/1d76bd2a0034d0d08045c1c6adf2235d88982952 https://git.kernel.org/stable/c/1d76bd2a0034d0d08045c1c6adf2235d88982952 https://git.kernel.org/stable/c/743edc8547a92b6192aa1f1b6bb78233fa21dc9b https://git.kernel.org/stable/c/743edc8547a92b6192aa1f1b6bb78233fa21dc9b https://git.kernel.org/stable/c/751d352858108314efd33dddd5a9a2b6bf7d6916 https://git.kernel.org/stable/c/751d352858108314efd33dddd5a9a2b6bf7d6916 https://git.kernel.org/stable/c/e890456051fe8c57944b911defb3e6de91315861 https://git.kernel.org/stable/c/e890456051fe8c57944b911defb3e6de91315861 |