CVE-2024-43866

Summary

In the Linux kernel, the following vulnerability has been resolved:

net/mlx5: Always drain health in shutdown callback

There is no point in recovery during device shutdown. if health work started need to wait for it to avoid races and NULL pointer access.

Hence, drain health WQ on shutdown callback.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxd2aa060d40fa060e963f9a356d43481e43ba3dac < 5005e2e159b300c1b8c6820a1e13a62eb0127b9baffected
LinuxLinuxd2aa060d40fa060e963f9a356d43481e43ba3dac < 6b6c2ebd83f2bf97e8f221479372aaca97a4a9b2affected
LinuxLinuxd2aa060d40fa060e963f9a356d43481e43ba3dac < 6048dec754554a1303d632be6042d3feb3295285affected
LinuxLinuxd2aa060d40fa060e963f9a356d43481e43ba3dac < 1b75da22ed1e6171e261bc9265370162553d5393affected
LinuxLinux63d10e93df94c93bdeac87a9401696b1edadb7edaffected
LinuxLinux4.13.16 < 4.14affected
LinuxLinux4.14affected
LinuxLinux0 < 4.14unaffected
LinuxLinux6.1.113 <= 6.1.*unaffected
LinuxLinux6.6.45 <= 6.6.*unaffected
LinuxLinux6.10.4 <= 6.10.*unaffected
LinuxLinux6.11 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References