CVE-2024-38555
- Source
- https://cve.org/CVERecord?id=CVE-2024-38555
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-38555.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2024-38555
- Downstream
- Related
- Published
- 2024-06-19T13:35:26.059Z
- Modified
- 2026-03-23T05:01:23.293499676Z
- Summary
- net/mlx5: Discard command completions in internal error
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
net/mlx5: Discard command completions in internal error
Fix use after free when FW completion arrives while device is in internal error state. Avoid calling completion handler in this case, since the device will flush the command interface and trigger all completions manually.
Kernel log: ------------[ cut here ]------------ refcountt: underflow; use-after-free. ... RIP: 0010:refcountwarn_saturate+0xd8/0xe0 ... Call Trace: <IRQ> ? __warn+0x79/0x120 ? refcountwarnsaturate+0xd8/0xe0 ? reportbug+0x17c/0x190 ? handlebug+0x3c/0x60 ? excinvalidop+0x14/0x70 ? asmexcinvalidop+0x16/0x20 ? refcountwarnsaturate+0xd8/0xe0 cmdentput+0x13b/0x160 [mlx5core] mlx5cmdcomphandler+0x5f9/0x670 [mlx5core] cmdcompnotifier+0x1f/0x30 [mlx5core] notifiercallchain+0x35/0xb0 atomicnotifiercallchain+0x16/0x20 mlx5eqasyncint+0xf6/0x290 [mlx5core] notifiercallchain+0x35/0xb0 atomicnotifiercallchain+0x16/0x20 irqinthandler+0x19/0x30 [mlx5core] __handleirqevent_percpu+0x4b/0x160 handleirqevent+0x2e/0x80 handleedgeirq+0x98/0x230 __commoninterrupt+0x3b/0xa0 commoninterrupt+0x7b/0xa0 </IRQ> <TASK> asmcommoninterrupt+0x22/0x40
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/38xxx/CVE-2024-38555.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/1337ec94bc5a9eed250e33f5f5c89a28a6bfabdb
- https://git.kernel.org/stable/c/1d5dce5e92a70274de67a59e1e674c3267f94cd7
- https://git.kernel.org/stable/c/3cb92b0ad73d3f1734e812054e698d655e9581b0
- https://git.kernel.org/stable/c/7ac4c69c34240c6de820492c0a28a0bd1494265a
- https://git.kernel.org/stable/c/bf8aaf0ae01c27ae3c06aa8610caf91e50393396
- https://git.kernel.org/stable/c/db9b31aa9bc56ff0d15b78f7e827d61c4a096e40
- https://git.kernel.org/stable/c/f6fbb8535e990f844371086ab2c1221f71f993d3
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/38xxx/CVE-2024-38555.json
- https://nvd.nist.gov/vuln/detail/CVE-2024-38555
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced27c79b3a9212cf4ba634c157e07d29548181a208Fixedf6fbb8535e990f844371086ab2c1221f71f993d3
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced51d138c2610a236c1ed0059d034ee4c74f452b86Fixed3cb92b0ad73d3f1734e812054e698d655e9581b0Fixedbf8aaf0ae01c27ae3c06aa8610caf91e50393396Fixed1337ec94bc5a9eed250e33f5f5c89a28a6bfabdbFixed1d5dce5e92a70274de67a59e1e674c3267f94cd7Fixed7ac4c69c34240c6de820492c0a28a0bd1494265aFixeddb9b31aa9bc56ff0d15b78f7e827d61c4a096e40
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected2e5d24b3bf091802c5456dc8f8f6a6be4493c8ca