CVE-2024-53138
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
04/12/2024
Last modified:
14/12/2024
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
net/mlx5e: kTLS, Fix incorrect page refcounting<br />
<br />
The kTLS tx handling code is using a mix of get_page() and<br />
page_ref_inc() APIs to increment the page reference. But on the release<br />
path (mlx5e_ktls_tx_handle_resync_dump_comp()), only put_page() is used.<br />
<br />
This is an issue when using pages from large folios: the get_page()<br />
references are stored on the folio page while the page_ref_inc()<br />
references are stored directly in the given page. On release the folio<br />
page will be dereferenced too many times.<br />
<br />
This was found while doing kTLS testing with sendfile() + ZC when the<br />
served file was read from NFS on a kernel with NFS large folios support<br />
(commit 49b29a573da8 ("nfs: add support for large folios")).
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.4 (including) | 6.1.119 (excluding) |
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.2 (including) | 6.6.63 (excluding) |
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7 (including) | 6.11.10 (excluding) |
cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:* | ||
cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:* | ||
cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:* | ||
cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:* | ||
cpe:2.3:o:linux:linux_kernel:6.12:rc5:*:*:*:*:*:* | ||
cpe:2.3:o:linux:linux_kernel:6.12:rc6:*:*:*:*:*:* | ||
cpe:2.3:o:linux:linux_kernel:6.12:rc7:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/2723e8b2cbd486cb96e5a61b22473f7fd62e18df
- https://git.kernel.org/stable/c/69fbd07f17b0fdaf8970bc705f5bf115c297839d
- https://git.kernel.org/stable/c/93a14620b97c911489a5b008782f3d9b0c4aeff4
- https://git.kernel.org/stable/c/a0ddb20a748b122ea86003485f7992fa5e84cc95
- https://git.kernel.org/stable/c/c7b97f9e794d8e2bbaa50e1d6c230196fd214b5e
- https://git.kernel.org/stable/c/dd6e972cc5890d91d6749bb48e3912721c4e4b25
- https://git.kernel.org/stable/c/ffad2ac8c859c1c1a981fe9c4f7ff925db684a43