vulnerability

Ubuntu: (Multiple Advisories) (CVE-2024-36281): Linux kernel vulnerabilities

Try Surface Command
Back to search
Severity
5
CVSS
(AV:L/AC:L/Au:S/C:N/I:N/A:C)
Published
Jun 21, 2024
Added
Sep 12, 2024
Modified
Aug 18, 2025

Description

In the Linux kernel, the following vulnerability has been resolved:

net/mlx5: Use mlx5_ipsec_rx_status_destroy to correctly delete status rules

rx_create no longer allocates a modify_hdr instance that needs to be
cleaned up. The mlx5_modify_header_dealloc call will lead to a NULL pointer
dereference. A leak in the rules also previously occurred since there are
now two rules populated related to status.

BUG: kernel NULL pointer dereference, address: 0000000000000000
#PF: supervisor read access in kernel mode
#PF: error_code(0x0000) - not-present page
PGD 109907067 P4D 109907067 PUD 116890067 PMD 0
Oops: 0000 [#1] SMP
CPU: 1 PID: 484 Comm: ip Not tainted 6.9.0-rc2-rrameshbabu+ #254
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS Arch Linux 1.16.3-1-1 04/01/2014
RIP: 0010:mlx5_modify_header_dealloc+0xd/0x70
<snip>
Call Trace:
<TASK>
? show_regs+0x60/0x70
? __die+0x24/0x70
? page_fault_oops+0x15f/0x430
? free_to_partial_list.constprop.0+0x79/0x150
? do_user_addr_fault+0x2c9/0x5c0
? exc_page_fault+0x63/0x110
? asm_exc_page_fault+0x27/0x30
? mlx5_modify_header_dealloc+0xd/0x70
rx_create+0x374/0x590
rx_add_rule+0x3ad/0x500
? rx_add_rule+0x3ad/0x500
? mlx5_cmd_exec+0x2c/0x40
? mlx5_create_ipsec_obj+0xd6/0x200
mlx5e_accel_ipsec_fs_add_rule+0x31/0xf0
mlx5e_xfrm_add_state+0x426/0xc00
<snip>

Solutions

ubuntu-upgrade-linux-image-6-8-0-1010-gkeubuntu-upgrade-linux-image-6-8-0-1011-raspiubuntu-upgrade-linux-image-6-8-0-1012-ibmubuntu-upgrade-linux-image-6-8-0-1012-oemubuntu-upgrade-linux-image-6-8-0-1012-oracleubuntu-upgrade-linux-image-6-8-0-1012-oracle-64kubuntu-upgrade-linux-image-6-8-0-1013-nvidiaubuntu-upgrade-linux-image-6-8-0-1013-nvidia-64kubuntu-upgrade-linux-image-6-8-0-1013-nvidia-lowlatencyubuntu-upgrade-linux-image-6-8-0-1013-nvidia-lowlatency-64kubuntu-upgrade-linux-image-6-8-0-1014-azureubuntu-upgrade-linux-image-6-8-0-1014-azure-fdeubuntu-upgrade-linux-image-6-8-0-1014-gcpubuntu-upgrade-linux-image-6-8-0-1015-awsubuntu-upgrade-linux-image-6-8-0-44-genericubuntu-upgrade-linux-image-6-8-0-44-generic-64kubuntu-upgrade-linux-image-6-8-0-44-lowlatencyubuntu-upgrade-linux-image-6-8-0-44-lowlatency-64kubuntu-upgrade-linux-image-6-8-0-45-genericubuntu-upgrade-linux-image-6-8-0-45-generic-64kubuntu-upgrade-linux-image-awsubuntu-upgrade-linux-image-azureubuntu-upgrade-linux-image-azure-fdeubuntu-upgrade-linux-image-gcpubuntu-upgrade-linux-image-genericubuntu-upgrade-linux-image-generic-64kubuntu-upgrade-linux-image-generic-64k-hwe-22-04ubuntu-upgrade-linux-image-generic-64k-hwe-24-04ubuntu-upgrade-linux-image-generic-hwe-22-04ubuntu-upgrade-linux-image-generic-hwe-24-04ubuntu-upgrade-linux-image-generic-lpaeubuntu-upgrade-linux-image-gkeubuntu-upgrade-linux-image-ibmubuntu-upgrade-linux-image-ibm-classicubuntu-upgrade-linux-image-ibm-lts-24-04ubuntu-upgrade-linux-image-kvmubuntu-upgrade-linux-image-lowlatencyubuntu-upgrade-linux-image-lowlatency-64kubuntu-upgrade-linux-image-lowlatency-64k-hwe-22-04ubuntu-upgrade-linux-image-lowlatency-hwe-22-04ubuntu-upgrade-linux-image-nvidiaubuntu-upgrade-linux-image-nvidia-6-8ubuntu-upgrade-linux-image-nvidia-64kubuntu-upgrade-linux-image-nvidia-64k-6-8ubuntu-upgrade-linux-image-nvidia-lowlatencyubuntu-upgrade-linux-image-nvidia-lowlatency-64kubuntu-upgrade-linux-image-oem-22-04ubuntu-upgrade-linux-image-oem-22-04aubuntu-upgrade-linux-image-oem-22-04bubuntu-upgrade-linux-image-oem-22-04cubuntu-upgrade-linux-image-oem-22-04dubuntu-upgrade-linux-image-oracleubuntu-upgrade-linux-image-oracle-64kubuntu-upgrade-linux-image-raspiubuntu-upgrade-linux-image-virtualubuntu-upgrade-linux-image-virtual-hwe-22-04ubuntu-upgrade-linux-image-virtual-hwe-24-04

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today