mlxsw: spectrum_acl_tcam: Fix incorrect list API usage
Summary
| CVE | CVE-2024-36006 |
|---|---|
| State | PUBLISHED |
| Assigner | Linux |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2024-05-20 10:15:14 UTC |
| Updated | 2026-05-12 12:16:47 UTC |
| Description | In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix incorrect list API usage Both the function that migrates all the chunks within a region and the function that migrates all the entries within a chunk call list_first_entry() on the respective lists without checking that the lists are not empty. This is incorrect usage of the API, which leads to the following warning [1]. Fix by returning if the lists are empty as there is nothing to migrate in this case. [1] WARNING: CPU: 0 PID: 6437 at drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_tcam.c:1266 mlxsw_sp_acl_tcam_vchunk_migrate_all+0x1f1/0> Modules linked in: CPU: 0 PID: 6437 Comm: kworker/0:37 Not tainted 6.9.0-rc3-custom-00883-g94a65f079ef6 #39 Hardware name: Mellanox Technologies Ltd. MSN3700/VMOD0005, BIOS 5.11 01/06/2019 Workqueue: mlxsw_core mlxsw_sp_acl_tcam_vregion_rehash_work RIP: 0010:mlxsw_sp_acl_tcam_vchunk_migrate_all+0x1f1/0x2c0 [...] Call Trace: <TASK> mlxsw_sp_acl_tcam_vregion_rehash_work+0x6c/0x4a0 process_one_work+0x151/0x370 worker_thread+0x2cb/0x3e0 kthread+0xd0/0x100 ret_from_fork+0x34/0x50 ret_from_fork_asm+0x1a/0x30 </TASK> |
Risk And Classification
Primary CVSS: v3.1 5.5 MEDIUM from [email protected]
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Problem Types: NVD-CWE-noinfo
CVSS v3.1 Breakdown
Attack Vector
LocalAttack Complexity
LowPrivileges Required
LowUser Interaction
NoneScope
UnchangedConfidentiality
NoneIntegrity
NoneAvailability
HighCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Linux | Linux Kernel | All | All | All | All |
Vendor Declared Affected Products
| Source | Vendor | Product | Version | Platforms |
|---|---|---|---|---|
| CNA | Linux | Linux | affected 6f9579d4e3021b17b0a4cde6b04a6c94c9575cdf 0b2c13b670b168e324e1cf109e67056a20fd610a git | Not specified |
| CNA | Linux | Linux | affected 6f9579d4e3021b17b0a4cde6b04a6c94c9575cdf 09846c2309b150b8ce4e0ce96f058197598fc530 git | Not specified |
| CNA | Linux | Linux | affected 6f9579d4e3021b17b0a4cde6b04a6c94c9575cdf 64435b64e43d8ee60faa46c0cd04e323e8b2a7b0 git | Not specified |
| CNA | Linux | Linux | affected 6f9579d4e3021b17b0a4cde6b04a6c94c9575cdf 4526a56e02da3725db979358964df9cd9c567154 git | Not specified |
| CNA | Linux | Linux | affected 6f9579d4e3021b17b0a4cde6b04a6c94c9575cdf ab4ecfb627338e440ae11def004c524a00d93e40 git | Not specified |
| CNA | Linux | Linux | affected 6f9579d4e3021b17b0a4cde6b04a6c94c9575cdf af8b593c3dd9df82cb199be65863af004b09fd97 git | Not specified |
| CNA | Linux | Linux | affected 6f9579d4e3021b17b0a4cde6b04a6c94c9575cdf b377add0f0117409c418ddd6504bd682ebe0bf79 git | Not specified |
| CNA | Linux | Linux | affected 5.1 | Not specified |
| CNA | Linux | Linux | unaffected 5.1 semver | Not specified |
| CNA | Linux | Linux | unaffected 5.4.275 5.4.* semver | Not specified |
| CNA | Linux | Linux | unaffected 5.10.216 5.10.* semver | Not specified |
| CNA | Linux | Linux | unaffected 5.15.158 5.15.* semver | Not specified |
| CNA | Linux | Linux | unaffected 6.1.90 6.1.* semver | Not specified |
| CNA | Linux | Linux | unaffected 6.6.30 6.6.* semver | Not specified |
| CNA | Linux | Linux | unaffected 6.8.9 6.8.* semver | Not specified |
| CNA | Linux | Linux | unaffected 6.9 * original_commit_for_fix | Not specified |
| ADP | Siemens | RUGGEDCOM RST2428P | affected V3.1 custom | Not specified |
| ADP | Siemens | SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 Family | unaffected * custom | Not specified |
| ADP | Siemens | SCALANCE XCM-/XRM-/XCH-/XRH-300 Family | affected V3.1 custom | Not specified |
| ADP | Siemens | SIMATIC S7-1500 TM MFP - GNU/Linux Subsystem | affected * custom | Not specified |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| git.kernel.org/stable/c/0b2c13b670b168e324e1cf109e67056a20fd610a | af854a3a-2127-422b-91ae-364da2661108 | git.kernel.org | Patch |
| lists.debian.org/debian-lts-announce/2024/06/msg00017.html | af854a3a-2127-422b-91ae-364da2661108 | lists.debian.org | Mailing List, Third Party Advisory |
| git.kernel.org/stable/c/4526a56e02da3725db979358964df9cd9c567154 | af854a3a-2127-422b-91ae-364da2661108 | git.kernel.org | Patch |
| cert-portal.siemens.com/productcert/html/ssa-265688.html | 0b142b55-0307-4c5a-b3c9-f314f3fb7c5e | cert-portal.siemens.com | |
| git.kernel.org/stable/c/b377add0f0117409c418ddd6504bd682ebe0bf79 | af854a3a-2127-422b-91ae-364da2661108 | git.kernel.org | Patch |
| git.kernel.org/stable/c/09846c2309b150b8ce4e0ce96f058197598fc530 | af854a3a-2127-422b-91ae-364da2661108 | git.kernel.org | Patch |
| cert-portal.siemens.com/productcert/html/ssa-613116.html | 0b142b55-0307-4c5a-b3c9-f314f3fb7c5e | cert-portal.siemens.com | |
| git.kernel.org/stable/c/ab4ecfb627338e440ae11def004c524a00d93e40 | af854a3a-2127-422b-91ae-364da2661108 | git.kernel.org | Patch |
| git.kernel.org/stable/c/af8b593c3dd9df82cb199be65863af004b09fd97 | af854a3a-2127-422b-91ae-364da2661108 | git.kernel.org | Patch |
| git.kernel.org/stable/c/64435b64e43d8ee60faa46c0cd04e323e8b2a7b0 | af854a3a-2127-422b-91ae-364da2661108 | git.kernel.org | Patch |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.