CVE-2024-50000

Summary

In the Linux kernel, the following vulnerability has been resolved:

net/mlx5e: Fix NULL deref in mlx5e_tir_builder_alloc()

In mlx5e_tir_builder_alloc() kvzalloc() may return NULL which is dereferenced on the next line in a reference to the modify field.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxa6696735d694b365bca45873e9dbca26120a8375 < 4655456a64a0f936098c8432bac64e7176bd2affaffected
LinuxLinuxa6696735d694b365bca45873e9dbca26120a8375 < b48ee5bb25c02ca2b81e0d16bf8af17ab6ed3f8baffected
LinuxLinuxa6696735d694b365bca45873e9dbca26120a8375 < 0168ab6fbd9e50d20b97486168b604b2ab28a2caaffected
LinuxLinuxa6696735d694b365bca45873e9dbca26120a8375 < 1bcc86cc721bea68980098f51f102aa2c2b9d932affected
LinuxLinuxa6696735d694b365bca45873e9dbca26120a8375 < 4d80dde26d7bab1320210279483ac854dcb274b2affected
LinuxLinuxa6696735d694b365bca45873e9dbca26120a8375 < f25389e779500cf4a59ef9804534237841bce536affected
LinuxLinux5.15affected
LinuxLinux0 < 5.15unaffected
LinuxLinux5.15.168 <= 5.15.*unaffected
LinuxLinux6.1.113 <= 6.1.*unaffected
LinuxLinux6.6.55 <= 6.6.*unaffected
LinuxLinux6.10.14 <= 6.10.*unaffected
LinuxLinux6.11.3 <= 6.11.*unaffected
LinuxLinux6.12 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References