CVE - CVE-2024-36476

CVE-ID
CVE-2024-36476	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: RDMA/rtrs: Ensure 'ib_sge list' is accessible Move the declaration of the 'ib_sge list' variable outside the 'always_invalidate' block to ensure it remains accessible for use throughout the function. Previously, 'ib_sge list' was declared within the 'always_invalidate' block, limiting its accessibility, then caused a 'BUG: kernel NULL pointer dereference'[1]. ? __die_body.cold+0x19/0x27 ? page_fault_oops+0x15a/0x2d0 ? search_module_extables+0x19/0x60 ? search_bpf_extables+0x5f/0x80 ? exc_page_fault+0x7e/0x180 ? asm_exc_page_fault+0x26/0x30 ? memcpy_orig+0xd5/0x140 rxe_mr_copy+0x1c3/0x200 [rdma_rxe] ? rxe_pool_get_index+0x4b/0x80 [rdma_rxe] copy_data+0xa5/0x230 [rdma_rxe] rxe_requester+0xd9b/0xf70 [rdma_rxe] ? finish_task_switch.isra.0+0x99/0x2e0 rxe_sender+0x13/0x40 [rdma_rxe] do_task+0x68/0x1e0 [rdma_rxe] process_one_work+0x177/0x330 worker_thread+0x252/0x390 ? __pfx_worker_thread+0x10/0x10 This change ensures the variable is available for subsequent operations that require it. [1] https://lore.kernel.org/linux-rdma/6a1f3e8f-deb0-49f9-bc69-a9b03ecfcda7@fujitsu.com/
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/143378075904e78b3b2a810099bcc3b3d82d762f URL:https://git.kernel.org/stable/c/143378075904e78b3b2a810099bcc3b3d82d762f MISC:https://git.kernel.org/stable/c/32e1e748a85bd52b20b3857d80fd166d22fa455a URL:https://git.kernel.org/stable/c/32e1e748a85bd52b20b3857d80fd166d22fa455a MISC:https://git.kernel.org/stable/c/6ffb5c1885195ae5211a12b4acd2d51843ca41b0 URL:https://git.kernel.org/stable/c/6ffb5c1885195ae5211a12b4acd2d51843ca41b0 MISC:https://git.kernel.org/stable/c/7eaa71f56a6f7ab87957213472dc6d4055862722 URL:https://git.kernel.org/stable/c/7eaa71f56a6f7ab87957213472dc6d4055862722 MISC:https://git.kernel.org/stable/c/b238f61cc394d5fef27b26d7d9aa383ebfddabb0 URL:https://git.kernel.org/stable/c/b238f61cc394d5fef27b26d7d9aa383ebfddabb0 MISC:https://git.kernel.org/stable/c/fb514b31395946022f13a08e06a435f53cf9e8b3 URL:https://git.kernel.org/stable/c/fb514b31395946022f13a08e06a435f53cf9e8b3
Assigning CNA
kernel.org
Date Record Created
20250115	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20250115)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)