CVE-2024-47693

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> IB/core: Fix ib_cache_setup_one error flow cleanup<br /> <br /> When ib_cache_update return an error, we exit ib_cache_setup_one<br /> instantly with no proper cleanup, even though before this we had<br /> already successfully done gid_table_setup_one, that results in<br /> the kernel WARN below.<br /> <br /> Do proper cleanup using gid_table_cleanup_one before returning<br /> the err in order to fix the issue.<br /> <br /> WARNING: CPU: 4 PID: 922 at drivers/infiniband/core/cache.c:806 gid_table_release_one+0x181/0x1a0<br /> Modules linked in:<br /> CPU: 4 UID: 0 PID: 922 Comm: c_repro Not tainted 6.11.0-rc1+ #3<br /> Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014<br /> RIP: 0010:gid_table_release_one+0x181/0x1a0<br /> Code: 44 8b 38 75 0c e8 2f cb 34 ff 4d 8b b5 28 05 00 00 e8 23 cb 34 ff 44 89 f9 89 da 4c 89 f6 48 c7 c7 d0 58 14 83 e8 4f de 21 ff 0b 4c 8b 75 30 e9 54 ff ff ff 48 8 3 c4 10 5b 5d 41 5c 41 5d 41<br /> RSP: 0018:ffffc90002b835b0 EFLAGS: 00010286<br /> RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff811c8527<br /> RDX: 0000000000000000 RSI: ffffffff811c8534 RDI: 0000000000000001<br /> RBP: ffff8881011b3d00 R08: ffff88810b3abe00 R09: 205d303839303631<br /> R10: 666572207972746e R11: 72746e6520444947 R12: 0000000000000001<br /> R13: ffff888106390000 R14: ffff8881011f2110 R15: 0000000000000001<br /> FS: 00007fecc3b70800(0000) GS:ffff88813bd00000(0000) knlGS:0000000000000000<br /> CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033<br /> CR2: 0000000020000340 CR3: 000000010435a001 CR4: 00000000003706b0<br /> DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000<br /> DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400<br /> Call Trace:<br /> <br /> ? show_regs+0x94/0xa0<br /> ? __warn+0x9e/0x1c0<br /> ? gid_table_release_one+0x181/0x1a0<br /> ? report_bug+0x1f9/0x340<br /> ? gid_table_release_one+0x181/0x1a0<br /> ? handle_bug+0xa2/0x110<br /> ? exc_invalid_op+0x31/0xa0<br /> ? asm_exc_invalid_op+0x16/0x20<br /> ? __warn_printk+0xc7/0x180<br /> ? __warn_printk+0xd4/0x180<br /> ? gid_table_release_one+0x181/0x1a0<br /> ib_device_release+0x71/0xe0<br /> ? __pfx_ib_device_release+0x10/0x10<br /> device_release+0x44/0xd0<br /> kobject_put+0x135/0x3d0<br /> put_device+0x20/0x30<br /> rxe_net_add+0x7d/0xa0<br /> rxe_newlink+0xd7/0x190<br /> nldev_newlink+0x1b0/0x2a0<br /> ? __pfx_nldev_newlink+0x10/0x10<br /> rdma_nl_rcv_msg+0x1ad/0x2e0<br /> rdma_nl_rcv_skb.constprop.0+0x176/0x210<br /> netlink_unicast+0x2de/0x400<br /> netlink_sendmsg+0x306/0x660<br /> __sock_sendmsg+0x110/0x120<br /> ____sys_sendmsg+0x30e/0x390<br /> ___sys_sendmsg+0x9b/0xf0<br /> ? kstrtouint+0x6e/0xa0<br /> ? kstrtouint_from_user+0x7c/0xb0<br /> ? get_pid_task+0xb0/0xd0<br /> ? proc_fail_nth_write+0x5b/0x140<br /> ? __fget_light+0x9a/0x200<br /> ? preempt_count_add+0x47/0xa0<br /> __sys_sendmsg+0x61/0xd0<br /> do_syscall_64+0x50/0x110<br /> entry_SYSCALL_64_after_hwframe+0x76/0x7e