SB20241230289 - Input validation error in Linux kernel hw hns driver
Published: December 30, 2024 Updated: May 11, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Input validation error (CVE-ID: CVE-2024-56722)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the free_srqc() function in drivers/infiniband/hw/hns/hns_roce_srq.c, within the hns_roce_mr_free() function in drivers/infiniband/hw/hns/hns_roce_mr.c, within the set_rwqe_data_seg(), free_mr_modify_rsv_qp(), free_mr_post_send_lp_wqe(), free_mr_send_cmd_to_hw(), hns_roce_v2_set_abs_fields(), hns_roce_v2_modify_qp(), hns_roce_v2_query_qp(), hns_roce_v2_destroy_qp_common(), hns_roce_v2_destroy_qp(), hns_roce_v2_modify_cq() and hns_roce_v2_query_cqc() functions in drivers/infiniband/hw/hns/hns_roce_hw_v2.c, within the hns_roce_table_put() function in drivers/infiniband/hw/hns/hns_roce_hem.c, within the free_cqc() function in drivers/infiniband/hw/hns/hns_roce_cq.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/31c6fe9b79ed42440094f2367897aea0c0ce96ec
- https://git.kernel.org/stable/c/323275ac2ff15b2b7b3eac391ae5d8c5a3c3a999
- https://git.kernel.org/stable/c/a0e4c78770faa0d56d47391476fe1d827e72eded
- https://git.kernel.org/stable/c/b4ba31e5aaffbda9b22d9a35c40b16dc39e475a6
- https://git.kernel.org/stable/c/e2e64f9c42c717beb459ab209ec1c4baa73d3760
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.12.2