// For flags

CVE-2024-50157

RDMA/bnxt_re: Avoid CPU lockups due fifo occupancy check loop

Severity Score

"-"
*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

In the Linux kernel, the following vulnerability has been resolved:

RDMA/bnxt_re: Avoid CPU lockups due fifo occupancy check loop

Driver waits indefinitely for the fifo occupancy to go below a threshold
as soon as the pacing interrupt is received. This can cause soft lockup on
one of the processors, if the rate of DB is very high.

Add a loop count for FPGA and exit the __wait_for_fifo_occupancy_below_th
if the loop is taking more time. Pacing will be continuing until the
occupancy is below the threshold. This is ensured by the checks in
bnxt_re_pacing_timer_exp and further scheduling the work for pacing based
on the fifo occupancy.

En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: RDMA/bnxt_re: Evitar bloqueos de CPU debido al bucle de comprobación de ocupación fifo El controlador espera indefinidamente a que la ocupación fifo baje de un umbral tan pronto como se recibe la interrupción de ritmo. Esto puede provocar un bloqueo suave en uno de los procesadores, si la tasa de DB es muy alta. Agregue un recuento de bucles para FPGA y salga de __wait_for_fifo_occupancy_below_th si el bucle está tomando más tiempo. El ritmo continuará hasta que la ocupación esté por debajo del umbral. Esto se garantiza mediante las comprobaciones en bnxt_re_pacing_timer_exp y la programación adicional del trabajo para el ritmo en función de la ocupación fifo.

*Credits: N/A
CVSS Scores
Attack Vector
-
Attack Complexity
-
Privileges Required
-
User Interaction
-
Scope
-
Confidentiality
-
Integrity
-
Availability
-
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2024-10-21 CVE Reserved
  • 2024-11-07 CVE Published
  • 2024-11-08 EPSS Updated
  • 2024-11-19 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
>= 6.6 < 6.11.6
Search vendor "Linux" for product "Linux Kernel" and version " >= 6.6 < 6.11.6"
en
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
>= 6.6 < 6.12
Search vendor "Linux" for product "Linux Kernel" and version " >= 6.6 < 6.12"
en
Affected