U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

CVE-2024-35852 Detail

Description

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix memory leak when canceling rehash work The rehash delayed work is rescheduled with a delay if the number of credits at end of the work is not negative as supposedly it means that the migration ended. Otherwise, it is rescheduled immediately. After "mlxsw: spectrum_acl_tcam: Fix possible use-after-free during rehash" the above is no longer accurate as a non-negative number of credits is no longer indicative of the migration being done. It can also happen if the work encountered an error in which case the migration will resume the next time the work is scheduled. The significance of the above is that it is possible for the work to be pending and associated with hints that were allocated when the migration started. This leads to the hints being leaked [1] when the work is canceled while pending as part of ACL region dismantle. Fix by freeing the hints if hints are associated with a work that was canceled while pending. Blame the original commit since the reliance on not having a pending work associated with hints is fragile. [1] unreferenced object 0xffff88810e7c3000 (size 256): comm "kworker/0:16", pid 176, jiffies 4295460353 hex dump (first 32 bytes): 00 30 95 11 81 88 ff ff 61 00 00 00 00 00 00 80 .0......a....... 00 00 61 00 40 00 00 00 00 00 00 00 04 00 00 00 ..a.@........... backtrace (crc 2544ddb9): [<00000000cf8cfab3>] kmalloc_trace+0x23f/0x2a0 [<000000004d9a1ad9>] objagg_hints_get+0x42/0x390 [<000000000b143cf3>] mlxsw_sp_acl_erp_rehash_hints_get+0xca/0x400 [<0000000059bdb60a>] mlxsw_sp_acl_tcam_vregion_rehash_work+0x868/0x1160 [<00000000e81fd734>] process_one_work+0x59c/0xf20 [<00000000ceee9e81>] worker_thread+0x799/0x12c0 [<00000000bda6fe39>] kthread+0x246/0x300 [<0000000070056d23>] ret_from_fork+0x34/0x70 [<00000000dea2b93e>] ret_from_fork_asm+0x1a/0x30


Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.
CVSS 4.0 Severity and Vector Strings:

NIST CVSS score
NIST: NVD
N/A
NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Hyperlink Resource
https://git.kernel.org/stable/c/51cefc9da400b953fee749c9e5d26cd4a2b5d758
https://git.kernel.org/stable/c/51cefc9da400b953fee749c9e5d26cd4a2b5d758
https://git.kernel.org/stable/c/5bfe7bf9656ed2633718388f12b7c38b86414a04
https://git.kernel.org/stable/c/5bfe7bf9656ed2633718388f12b7c38b86414a04
https://git.kernel.org/stable/c/63d814d93c5cce4c18284adc810028f28dca493f
https://git.kernel.org/stable/c/63d814d93c5cce4c18284adc810028f28dca493f
https://git.kernel.org/stable/c/857ed800133ffcfcee28582090b63b0cbb8ba59d
https://git.kernel.org/stable/c/857ed800133ffcfcee28582090b63b0cbb8ba59d
https://git.kernel.org/stable/c/d72dd6fcd7886d0523afbab8b4a4b22d17addd7d
https://git.kernel.org/stable/c/d72dd6fcd7886d0523afbab8b4a4b22d17addd7d
https://git.kernel.org/stable/c/de1aaefa75be9d0ec19c9a3e0e2f9696de20c6ab
https://git.kernel.org/stable/c/de1aaefa75be9d0ec19c9a3e0e2f9696de20c6ab
https://git.kernel.org/stable/c/fb4e2b70a7194b209fc7320bbf33b375f7114bd5
https://git.kernel.org/stable/c/fb4e2b70a7194b209fc7320bbf33b375f7114bd5
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html

Weakness Enumeration

CWE-ID CWE Name Source

Change History

5 change records found show changes

Quick Info

CVE Dictionary Entry:
CVE-2024-35852
NVD Published Date:
05/17/2024
NVD Last Modified:
11/21/2024
Source:
kernel.org