CVE-2024-38606

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> crypto: qat - validate slices count returned by FW<br /> <br /> The function adf_send_admin_tl_start() enables the telemetry (TL)<br /> feature on a QAT device by sending the ICP_QAT_FW_TL_START message to<br /> the firmware. This triggers the FW to start writing TL data to a DMA<br /> buffer in memory and returns an array containing the number of<br /> accelerators of each type (slices) supported by this HW.<br /> The pointer to this array is stored in the adf_tl_hw_data data<br /> structure called slice_cnt.<br /> <br /> The array slice_cnt is then used in the function tl_print_dev_data()<br /> to report in debugfs only statistics about the supported accelerators.<br /> An incorrect value of the elements in slice_cnt might lead to an out<br /> of bounds memory read.<br /> At the moment, there isn&amp;#39;t an implementation of FW that returns a wrong<br /> value, but for robustness validate the slice count array returned by FW.