Home

CVE-2024-38595

Description

In the Linux kernel, the following vulnerability has been resolved:net/mlx5: Fix peer devlink set for SF representor devlink portThe cited patch change register devlink flow, and neglect to reflectthe changes for peer devlink set logic. Peer devlink set istriggering a call trace if done after devl_register.[1]Hence, align peer devlink set logic with register devlink flow.[1]WARNING: CPU: 4 PID: 3394 at net/devlink/core.c:155 devlink_rel_nested_in_add+0x177/0x180CPU: 4 PID: 3394 Comm: kworker/u40:1 Not tainted 6.9.0-rc4_for_linust_min_debug_2024_04_16_14_08 #1Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014Workqueue: mlx5_vhca_event0 mlx5_vhca_state_work_handler [mlx5_core]RIP: 0010:devlink_rel_nested_in_add+0x177/0x180Call Trace: __warn+0x78/0x120 devlink_rel_nested_in_add+0x177/0x180 report_bug+0x16d/0x180 handle_bug+0x3c/0x60 exc_invalid_op+0x14/0x70 asm_exc_invalid_op+0x16/0x20 devlink_port_init+0x30/0x30 devlink_port_type_clear+0x50/0x50 devlink_rel_nested_in_add+0x177/0x180 devlink_rel_nested_in_add+0xdd/0x180 mlx5_sf_mdev_event+0x74/0xb0 [mlx5_core] notifier_call_chain+0x35/0xb0 blocking_notifier_call_chain+0x3d/0x60 mlx5_blocking_notifier_call_chain+0x22/0x30 [mlx5_core] mlx5_sf_dev_probe+0x185/0x3e0 [mlx5_core] auxiliary_bus_probe+0x38/0x80 driver_sysfs_add+0x51/0x80 really_probe+0xc5/0x3a0 driver_probe_device+0x90/0x90 __driver_probe_device+0x80/0x160 driver_probe_device+0x1e/0x90 __device_attach_driver+0x7d/0x100 bus_for_each_drv+0x80/0xd0 __device_attach+0xbc/0x1f0 bus_probe_device+0x86/0xa0 device_add+0x64f/0x860 __auxiliary_device_add+0x3b/0xa0 mlx5_sf_dev_add+0x139/0x330 [mlx5_core] mlx5_sf_dev_state_change_handler+0x1e4/0x250 [mlx5_core] notifier_call_chain+0x35/0xb0 blocking_notifier_call_chain+0x3d/0x60 mlx5_vhca_state_work_handler+0x151/0x200 [mlx5_core] process_one_work+0x13f/0x2e0 worker_thread+0x2bd/0x3c0 rescuer_thread+0x410/0x410 kthread+0xc4/0xf0 kthread_complete_and_exit+0x20/0x20 ret_from_fork+0x2d/0x50 kthread_complete_and_exit+0x20/0x20 ret_from_fork_asm+0x11/0x20

Risk Information

Base Score
5.5
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.031

Associated Vulnerability

VulnerabilityOS Platform
Linux kernel (USN-6949-1) linux-image-6.8.0-1008-gke_6.8.0-1008.11_amd64.debLinux
Linux kernel (USN-6949-1) linux-image-6.8.0-1010-ibm_6.8.0-1010.10_amd64.debLinux
Linux kernel (USN-6949-1) linux-image-6.8.0-1010-oem_6.8.0-1010.10_amd64.debLinux
Linux kernel (USN-6949-1) linux-image-6.8.0-1011-nvidia_6.8.0-1011.11_amd64.debLinux
Linux kernel (USN-6949-1) linux-image-6.8.0-1011-nvidia_6.8.0-1011.11~22.04.1_amd64.debLinux
Linux kernel (USN-6949-1) linux-image-6.8.0-1012-gcp_6.8.0-1012.13_amd64.debLinux
Linux kernel (USN-6949-1) linux-image-6.8.0-1013-aws_6.8.0-1013.14_amd64.debLinux
Linux kernel (USN-6949-1) linux-image-6.8.0-40-generic_6.8.0-40.40_amd64.debLinux
Linux kernel (USN-6949-1) linux-image-aws_6.8.0-1013.14_amd64.debLinux
Linux kernel (USN-6949-1) linux-image-gcp_6.8.0-1012.13_amd64.debLinux
Linux kernel (USN-6949-1) linux-image-generic_6.8.0-40.40_amd64.debLinux
Linux kernel (USN-6949-1) linux-image-generic-hwe-24.04_6.8.0-40.40_amd64.debLinux
Linux kernel (USN-6949-1) linux-image-gke_6.8.0-1008.11_amd64.debLinux
Linux kernel (USN-6949-1) linux-image-ibm_6.8.0-1010.10_amd64.debLinux
Linux kernel (USN-6949-1) linux-image-ibm-classic_6.8.0-1010.10_amd64.debLinux
Linux kernel (USN-6949-1) linux-image-ibm-lts-24.04_6.8.0-1010.10_amd64.debLinux
Linux kernel (USN-6949-1) linux-image-kvm_6.8.0-40.40_amd64.debLinux
Linux kernel (USN-6949-1) linux-image-nvidia_6.8.0-1011.11_amd64.debLinux
Linux kernel (USN-6949-1) linux-image-nvidia-6.8_6.8.0-1011.11~22.04.1_amd64.debLinux
Linux kernel (USN-6949-1) linux-image-oem-24.04_6.8.0-1010.10_amd64.debLinux
Linux kernel (USN-6949-1) linux-image-oem-24.04a_6.8.0-1010.10_amd64.debLinux
Linux kernel (USN-6949-1) linux-image-virtual_6.8.0-40.40_amd64.debLinux
Linux kernel (USN-6949-1) linux-image-virtual-hwe-24.04_6.8.0-40.40_amd64.debLinux
Linux low latency kernel for NVIDIA systems (USN-6952-1) linux-image-6.8.0-1010-oracle_6.8.0-1010.10_amd64.debLinux
Linux low latency kernel for NVIDIA systems (USN-6952-1) linux-image-6.8.0-1011-nvidia-lowlatency_6.8.0-1011.11.1_amd64.debLinux
Linux low latency kernel for NVIDIA systems (USN-6952-1) linux-image-nvidia-lowlatency_6.8.0-1011.11.1_amd64.debLinux
Linux low latency kernel for NVIDIA systems (USN-6952-1) linux-image-oracle_6.8.0-1010.10_amd64.debLinux
Linux kernel for OEM systems (USN-6955-1) linux-image-6.8.0-1010-oem_6.8.0-1010.10_amd64.debLinux
Linux kernel for OEM systems (USN-6955-1) linux-image-oem-24.04_6.8.0-1010.10_amd64.debLinux
Linux kernel for OEM systems (USN-6955-1) linux-image-oem-24.04a_6.8.0-1010.10_amd64.debLinux
Linux low latency kernel (USN-6949-2) linux-image-6.8.0-40-lowlatency_6.8.0-40.40.1_amd64.debLinux
Linux low latency kernel (USN-6949-2) linux-image-lowlatency_6.8.0-40.40.1_amd64.debLinux
Linux kernel for Microsoft Azure Cloud systems (USN-6952-2) linux-image-6.8.0-1012-azure_6.8.0-1012.14_amd64.debLinux
Linux kernel for Microsoft Azure Cloud systems (USN-6952-2) linux-image-6.8.0-1012-azure-fde_6.8.0-1012.14_amd64.debLinux
Linux kernel for Microsoft Azure Cloud systems (USN-6952-2) linux-image-azure_6.8.0-1012.14_amd64.debLinux
Linux kernel for Microsoft Azure Cloud systems (USN-6952-2) linux-image-azure-fde_6.8.0-1012.14_amd64.debLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234