CVE-2024-47749

Summary

In the Linux kernel, the following vulnerability has been resolved:

RDMA/cxgb4: Added NULL check for lookup_atid

The lookup_atid() function can return NULL if the ATID is invalid or does not exist in the identifier table, which could lead to dereferencing a null pointer without a check in the act_establish() and act_open_rpl() functions. Add a NULL check to prevent null pointer dereferencing.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxcfdda9d764362ab77b11a410bb928400e6520d57 < b12e25d91c7f97958341538c7dc63ee49d01548faffected
LinuxLinuxcfdda9d764362ab77b11a410bb928400e6520d57 < 4e1fe68d695af367506ea3c794c5969630f21697affected
LinuxLinuxcfdda9d764362ab77b11a410bb928400e6520d57 < dd598ac57dcae796cb58551074660c39b43fb155affected
LinuxLinuxcfdda9d764362ab77b11a410bb928400e6520d57 < b11318dc8a1ec565300bb1a9073095af817cc508affected
LinuxLinuxcfdda9d764362ab77b11a410bb928400e6520d57 < 39cb9f39913566ec5865581135f3e8123ad1aee1affected
LinuxLinuxcfdda9d764362ab77b11a410bb928400e6520d57 < 0d50ae281a1712b9b2ca72830a96b8f11882358daffected
LinuxLinuxcfdda9d764362ab77b11a410bb928400e6520d57 < 54aaa3ed40972511e423b604324b881425b9ff1eaffected
LinuxLinuxcfdda9d764362ab77b11a410bb928400e6520d57 < b9c94c8ba5a713817cffd74c4bacc05187469624affected
LinuxLinuxcfdda9d764362ab77b11a410bb928400e6520d57 < e766e6a92410ca269161de059fff0843b8ddd65faffected
LinuxLinux2.6.35affected
LinuxLinux0 < 2.6.35unaffected
LinuxLinux4.19.323 <= 4.19.*unaffected
LinuxLinux5.4.285 <= 5.4.*unaffected
LinuxLinux5.10.227 <= 5.10.*unaffected
LinuxLinux5.15.168 <= 5.15.*unaffected
LinuxLinux6.1.113 <= 6.1.*unaffected
LinuxLinux6.6.54 <= 6.6.*unaffected
LinuxLinux6.10.13 <= 6.10.*unaffected
LinuxLinux6.11.2 <= 6.11.*unaffected
LinuxLinux6.12 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References