CVE-2024-57936

Source: https://nvd.nist.gov/vuln/detail/CVE-2024-57936
Import Source: https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-57936.json
JSON Data: https://api.osv.dev/v1/vulns/CVE-2024-57936
Published: 2025-01-21T12:01:31Z
Modified: 2025-10-22T07:48:45.346178Z
Summary: RDMA/bnxt_re: Fix max SGEs for the Work Request
Details

In the Linux kernel, the following vulnerability has been resolved:

RDMA/bnxt_re: Fix max SGEs for the Work Request

Gen P7 supports up to 13 SGEs for now. WQE software structure can hold only 6 now. Since the max send sge is reported as 13, the stack can give requests up to 13 SGEs. This is causing traffic failures and system crashes.

Use the define for max SGE supported for variable size. This will work for both static and variable WQEs.

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events:
  Introduced: 36e1b6890f228ccfc867031ecedffe50958b25e4
  Fixed: 3de1b50f055dc2ca7072a526cdda21f691c22dd9

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events:
  Introduced: 227f51743b61fe3f6fc481f0fb8086bf8c49b8c9
  Fixed: 9a479088e0c8f6140b8c7752b563bc8c6c6dcc8c

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events:
  Introduced: 227f51743b61fe3f6fc481f0fb8086bf8c49b8c9
  Fixed: 79d330fbdffd8cee06d8bdf38d82cb62d8363a27

Affected versions

v6.*

v6.11
v6.11-rc6
v6.11-rc7
v6.12
v6.12-rc1
v6.12-rc2
v6.12-rc3
v6.12-rc4
v6.12-rc5
v6.12-rc6
v6.12-rc7
v6.12.1
v6.12.2
v6.12.3
v6.12.4
v6.12.5
v6.12.6
v6.12.7
v6.12.8
v6.13-rc1

Database specific

vanir_signatures

[
    {
        "id": "CVE-2024-57936-3eec8491",
        "target": {
            "file": "drivers/infiniband/hw/bnxt_re/qplib_fp.h"
        },
        "digest": {
            "threshold": 0.9
        },
        "signature_version": "v1",
        "deprecated": false,
        "signature_type": "Line",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@79d330fbdffd8cee06d8bdf38d82cb62d8363a27"
    },
    {
        "id": "CVE-2024-57936-8fb9fac9",
        "target": {
            "file": "drivers/infiniband/hw/bnxt_re/qplib_fp.h"
        },
        "digest": {
            "threshold": 0.9
        },
        "signature_version": "v1",
        "deprecated": false,
        "signature_type": "Line",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3de1b50f055dc2ca7072a526cdda21f691c22dd9"
    }
]

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events:
  Introduced: 6.12.0
  Fixed: 6.12.9