CVE-2024-50208
MEDIUMLinux Kernel 5.7-6.11.6 - Out-of-bounds Read in RDMA/bnxt_re
Title source: llmDescription
In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages Avoid memory corruption while setting up Level-2 PBL pages for the non MR resources when num_pages > 256K. There will be a single PDE page address (contiguous pages in the case of > PAGE_SIZE), but, current logic assumes multiple pages, leading to invalid memory access after 256K PBL entries in the PDE.
References (8)
Core 8
Core References
Scores
CVSS v3
5.5
EPSS
0.0022
EPSS Percentile
12.2%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-125
Status
published
Products (21)
linux/Kernel
5.11.0 - 5.15.170linux
linux/Kernel
5.16.0 - 6.1.115linux
linux/Kernel
5.7.0 - 5.10.229linux
linux/Kernel
6.2.0 - 6.6.59linux
linux/Kernel
6.7.0 - 6.11.6linux
Linux/Linux
< 5.7
Linux/Linux
0c4dcd602817502bb3dced7a834a13ef717d65a4 - 7988bdbbb85ac85a847baf09879edcd0f70521dc
Linux/Linux
0c4dcd602817502bb3dced7a834a13ef717d65a4 - 87cb3b0054e53e0155b630bdf8fb714ded62565f
Linux/Linux
0c4dcd602817502bb3dced7a834a13ef717d65a4 - daac56dd98e1ba814c878ac0acd482a37f2ab94b
Linux/Linux
0c4dcd602817502bb3dced7a834a13ef717d65a4 - de5857fa7bcc9a496a914c7e21390be873109f26
... and 11 more
Published
Nov 08, 2024
Tracked Since
Feb 18, 2026