CVE-2024-57936

MEDIUM EPSS 9.4%
Published Jan 21, 2025 (1y ago) · Modified Jun 17, 2026 (2w ago)
5.5 CVSS 3.1
Medium

Description

In the Linux kernel, the following vulnerability has been resolved:

RDMA/bnxt_re: Fix max SGEs for the Work Request

Gen P7 supports up to 13 SGEs for now. WQE software structure can hold only 6 now. Since the max send sge is reported as 13, the stack can give requests up to 13 SGEs. This is causing traffic failures and system crashes. Use the define for max SGE supported for variable size. This will work for both static and variable WQEs.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
9.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 6

Vendor   Product        Version   Range
linux    linux_kernel   *         ≥6.12 – <6.12.9
linux    linux_kernel   6.13      any
linux    linux_kernel   6.13      any
linux    linux_kernel   6.13      any
linux    linux_kernel   6.13      any
linux    linux_kernel   6.13      any

References 3

  • git.kernel.org https://git.kernel.org/stable/c/3de1b50f055dc2ca7072a526cdda21f691c22dd9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/79d330fbdffd8cee06d8bdf38d82cb62d8363a27
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/9a479088e0c8f6140b8c7752b563bc8c6c6dcc8c
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/3de1b50f055dc2ca7072a526cdda21f691c22dd9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/79d330fbdffd8cee06d8bdf38d82cb62d8363a27
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/9a479088e0c8f6140b8c7752b563bc8c6c6dcc8c
    Patch