2339128 – (CVE-2024-57936) CVE-2024-57936 kernel: RDMA/bnxt_re: Fix max SGEs for the Work Request

Bug 2339128 (CVE-2024-57936) - CVE-2024-57936 kernel: RDMA/bnxt_re: Fix max SGEs for the Work Request

Summary: CVE-2024-57936 kernel: RDMA/bnxt_re: Fix max SGEs for the Work Request

Keywords:
Status:	NEW
Alias:	CVE-2024-57936
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Product Security DevOps Team
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2025-01-21 13:02 UTC by OSIDB Bzimport
Modified:	2025-03-13 11:42 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2025-01-21 13:02:09 UTC

In the Linux kernel, the following vulnerability has been resolved:

RDMA/bnxt_re: Fix max SGEs for the Work Request

Gen P7 supports up to 13 SGEs for now. WQE software structure
can hold only 6 now. Since the max send sge is reported as
13, the stack can give requests up to 13 SGEs. This is causing
traffic failures and system crashes.

Use the define for max SGE supported for variable size. This
will work for both static and variable WQEs.

Comment 1 Michal Findra 2025-01-21 14:05:16 UTC

Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2025012149-CVE-2024-57936-03a6@gregkh/T

Note You need to log in before you can comment on or make changes to this bug.