CVE-2024-38542

HIGH

Linux Kernel 6.8.2-6.8.11, 6.9.0-6.9.2, 6.10 - Improper Array Index Validation in RDMA mana_ib

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: RDMA/mana_ib: boundary check before installing cq callbacks Add a boundary check inside mana_ib_install_cq_cb to prevent index overflow.

References (3)

Core 3

Core References

Patch

https://git.kernel.org/stable/c/f12afddfb142587d786df9e3cc4862190d3e2ec8

Patch

https://git.kernel.org/stable/c/168f6fbde0eabd71d1f4133df7d001a950b96977

Patch

https://git.kernel.org/stable/c/f79edef79b6a2161f4124112f9b0c46891bb0b74

Scores

CVSS v3 7.1

EPSS 0.0025

EPSS Percentile 15.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-129

Status published

Products (12)

linux/Kernel < 6.8.12linux

linux/Kernel 6.9.0 - 6.9.3linux

Linux/Linux < 6.9

Linux/Linux 2a31c5a7e0d87959a03e846523013c75f4395a91 - 168f6fbde0eabd71d1f4133df7d001a950b96977

Linux/Linux 2a31c5a7e0d87959a03e846523013c75f4395a91 - f79edef79b6a2161f4124112f9b0c46891bb0b74

Linux/Linux 6.10

Linux/Linux 6.8.12 - 6.8.*

Linux/Linux 6.8.2 - 6.8.12

Linux/Linux 6.9

Linux/Linux 6.9.3 - 6.9.*

... and 2 more

Published Jun 19, 2024

Tracked Since Feb 18, 2026