In the Linux kernel, the following vulnerability has been resolved:
bnxt_en: Adjust logging of firmware messages in case of released token in __hwrm_send()
In case of token is released due to token->state == BNXT_HWRM_DEFERRED,
released token (set to NULL) is used in log messages. This issue is
expected to be prevented by HWRM_ERR_CODE_PF_UNAVAILABLE error code. But
this error code is returned by recent firmware. So some firmware may not
return it. This may lead to NULL pointer dereference.
Adjust this issue by adding token pointer check.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Metrics
Affected Vendors & Products
References
History
Thu, 12 Sep 2024 20:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 11 Sep 2024 13:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: Linux
Published: 2024-07-12T12:25:01.521Z
Updated: 2024-09-11T17:33:03.738Z
Reserved: 2024-07-12T12:17:45.582Z
Link: CVE-2024-40919
Vulnrichment
Updated: 2024-08-02T04:39:55.976Z
NVD
Status : Awaiting Analysis
Published: 2024-07-12T13:15:14.937
Modified: 2024-07-12T16:34:58.687
Link: CVE-2024-40919
Redhat