Security tracker / CVE-2024-38540

CVE-2024-38540

bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq

References

• Debian security tracker
• cve.org

Notes

 carnil> Introduced in 0c4dcd602817 ("RDMA/bnxt_re: Refactor hardware queue memory
 carnil> allocation"). Vulnerable versions: 5.7-rc1.

Bugs

Status

Branch	Status
upstream	released (6.10-rc1) [78cfd17142ef70599d6409cbd709d94b3da58659]
6.18-upstream-stable	N/A "Fixed before branching point"
6.17-upstream-stable	N/A "Fixed before branching point"
6.12-upstream-stable	N/A "Fixed before branching point"
6.9-upstream-stable	released (6.9.3) [8b799c00cea6fcfe5b501bbaeb228c8821acb753]
6.6-upstream-stable	released (6.6.33) [a658f011d89dd20cf2c7cb4760ffd79201700b98]
6.1-upstream-stable	released (6.1.117) [84d2f29152184f0d72ed7c9648c4ee6927df4e59]
5.10-upstream-stable	needed
4.19-upstream-stable	N/A "Vulnerable code not present"
sid	released (6.8.12-1)
6.12-trixie-security	N/A "Fixed before branching point"
6.1-bookworm-security	released (6.1.119-1)
5.10-bullseye-security	needed