{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2024-40990", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-07-12T12:17:45.605Z", "datePublished": "2024-07-12T12:37:34.485Z", "dateUpdated": "2025-11-03T21:58:55.239Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T09:19:29.171Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Add check for srq max_sge attribute\n\nmax_sge attribute is passed by the user, and is inserted and used\nunchecked, so verify that the value doesn't exceed maximum allowed value\nbefore using it."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/infiniband/hw/mlx5/srq.c"], "versions": [{"version": "e126ba97dba9edeb6fafa3665b5f8497fc9cdf8c", "lessThan": "7186b81c1f15e39069b1af172c6a951728ed3511", "status": "affected", "versionType": "git"}, {"version": "e126ba97dba9edeb6fafa3665b5f8497fc9cdf8c", "lessThan": "1e692244bf7dd827dd72edc6c4a3b36ae572f03c", "status": "affected", "versionType": "git"}, {"version": "e126ba97dba9edeb6fafa3665b5f8497fc9cdf8c", "lessThan": "999586418600b4b3b93c2a0edd3a4ca71ee759bf", "status": "affected", "versionType": "git"}, {"version": "e126ba97dba9edeb6fafa3665b5f8497fc9cdf8c", "lessThan": "e0deb0e9c967b61420235f7f17a4450b4b4d6ce2", "status": "affected", "versionType": "git"}, {"version": "e126ba97dba9edeb6fafa3665b5f8497fc9cdf8c", "lessThan": "4ab99e3613139f026d2d8ba954819e2876120ab3", "status": "affected", "versionType": "git"}, {"version": "e126ba97dba9edeb6fafa3665b5f8497fc9cdf8c", "lessThan": "36ab7ada64caf08f10ee5a114d39964d1f91e81d", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/infiniband/hw/mlx5/srq.c"], "versions": [{"version": "3.11", "status": "affected"}, {"version": "0", "lessThan": "3.11", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.221", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.162", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.96", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.36", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.9.7", "lessThanOrEqual": "6.9.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.10", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.11", "versionEndExcluding": "5.10.221"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.11", "versionEndExcluding": "5.15.162"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.11", "versionEndExcluding": "6.1.96"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.11", "versionEndExcluding": "6.6.36"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.11", "versionEndExcluding": "6.9.7"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.11", "versionEndExcluding": "6.10"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/7186b81c1f15e39069b1af172c6a951728ed3511"}, {"url": "https://git.kernel.org/stable/c/1e692244bf7dd827dd72edc6c4a3b36ae572f03c"}, {"url": "https://git.kernel.org/stable/c/999586418600b4b3b93c2a0edd3a4ca71ee759bf"}, {"url": "https://git.kernel.org/stable/c/e0deb0e9c967b61420235f7f17a4450b4b4d6ce2"}, {"url": "https://git.kernel.org/stable/c/4ab99e3613139f026d2d8ba954819e2876120ab3"}, {"url": "https://git.kernel.org/stable/c/36ab7ada64caf08f10ee5a114d39964d1f91e81d"}], "title": "RDMA/mlx5: Add check for srq max_sge attribute", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/7186b81c1f15e39069b1af172c6a951728ed3511", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/1e692244bf7dd827dd72edc6c4a3b36ae572f03c", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/999586418600b4b3b93c2a0edd3a4ca71ee759bf", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e0deb0e9c967b61420235f7f17a4450b4b4d6ce2", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/4ab99e3613139f026d2d8ba954819e2876120ab3", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/36ab7ada64caf08f10ee5a114d39964d1f91e81d", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-03T21:58:55.239Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-40990", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T17:01:51.391484Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:34:20.373Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/7186b81c1f15e39069b1af172c6a951728ed3511", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/1e692244bf7dd827dd72edc6c4a3b36ae572f03c", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/999586418600b4b3b93c2a0edd3a4ca71ee759bf", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e0deb0e9c967b61420235f7f17a4450b4b4d6ce2", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/4ab99e3613139f026d2d8ba954819e2876120ab3", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/36ab7ada64caf08f10ee5a114d39964d1f91e81d", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:39:56.093Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-40990", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T17:01:51.391484Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:22.082Z"}}], "cna": {"title": "RDMA/mlx5: Add check for srq max_sge attribute", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "e126ba97dba9", "lessThan": "7186b81c1f15", "versionType": "git"}, {"status": "affected", "version": "e126ba97dba9", "lessThan": "1e692244bf7d", "versionType": "git"}, {"status": "affected", "version": "e126ba97dba9", "lessThan": "999586418600", "versionType": "git"}, {"status": "affected", "version": "e126ba97dba9", "lessThan": "e0deb0e9c967", "versionType": "git"}, {"status": "affected", "version": "e126ba97dba9", "lessThan": "4ab99e361313", "versionType": "git"}, {"status": "affected", "version": "e126ba97dba9", "lessThan": "36ab7ada64ca", "versionType": "git"}], "programFiles": ["drivers/infiniband/hw/mlx5/srq.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "3.11"}, {"status": "unaffected", "version": "0", "lessThan": "3.11", "versionType": "custom"}, {"status": "unaffected", "version": "5.10.221", "versionType": "custom", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.162", "versionType": "custom", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.96", "versionType": "custom", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.36", "versionType": "custom", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.9.7", "versionType": "custom", "lessThanOrEqual": "6.9.*"}, {"status": "unaffected", "version": "6.10", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/infiniband/hw/mlx5/srq.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/7186b81c1f15e39069b1af172c6a951728ed3511"}, {"url": "https://git.kernel.org/stable/c/1e692244bf7dd827dd72edc6c4a3b36ae572f03c"}, {"url": "https://git.kernel.org/stable/c/999586418600b4b3b93c2a0edd3a4ca71ee759bf"}, {"url": "https://git.kernel.org/stable/c/e0deb0e9c967b61420235f7f17a4450b4b4d6ce2"}, {"url": "https://git.kernel.org/stable/c/4ab99e3613139f026d2d8ba954819e2876120ab3"}, {"url": "https://git.kernel.org/stable/c/36ab7ada64caf08f10ee5a114d39964d1f91e81d"}], "x_generator": {"engine": "bippy-c9c4e1df01b2"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Add check for srq max_sge attribute\n\nmax_sge attribute is passed by the user, and is inserted and used\nunchecked, so verify that the value doesn't exceed maximum allowed value\nbefore using it."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-07-15T06:52:54.774Z"}}}, "cveMetadata": {"cveId": "CVE-2024-40990", "state": "PUBLISHED", "dateUpdated": "2024-09-11T17:34:20.373Z", "dateReserved": "2024-07-12T12:17:45.605Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-07-12T12:37:34.485Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "E2E7C79E-D2A7-4FF4-901F-73363EA84D19", "versionEndExcluding": "5.10.221", "versionStartIncluding": "3.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "10A39ACC-3005-40E8-875C-98A372D1FFD5", "versionEndExcluding": "5.15.162", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "61E887B4-732A-40D2-9983-CC6F281EBFB7", "versionEndExcluding": "6.1.96", "versionStartIncluding": "5.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "E1046C95-860A-45B0-B718-2B29F65BFF10", "versionEndExcluding": "6.6.36", "versionStartIncluding": "6.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "0A047AF2-94AC-4A3A-B32D-6AB930D8EF1C", "versionEndExcluding": "6.9.7", "versionStartIncluding": "6.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc1:*:*:*:*:*:*", "matchCriteriaId": "2EBB4392-5FA6-4DA9-9772-8F9C750109FA", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc2:*:*:*:*:*:*", "matchCriteriaId": "331C2F14-12C7-45D5-893D-8C52EE38EA10", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc3:*:*:*:*:*:*", "matchCriteriaId": "3173713D-909A-4DD3-9DD4-1E171EB057EE", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc4:*:*:*:*:*:*", "matchCriteriaId": "79F18AFA-40F7-43F0-BA30-7BDB65F918B9", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Add check for srq max_sge attribute\n\nmax_sge attribute is passed by the user, and is inserted and used\nunchecked, so verify that the value doesn't exceed maximum allowed value\nbefore using it."}, {"lang": "es", "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: RDMA/mlx5: Agregar verificaci\u00f3n para el atributo srq max_sge El usuario pasa el atributo max_sge, se inserta y se usa sin marcar, as\u00ed que verifique que el valor no exceda el valor m\u00e1ximo permitido antes us\u00e1ndolo."}], "id": "CVE-2024-40990", "lastModified": "2025-11-03T22:17:20.920", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-07-12T13:15:20.370", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/1e692244bf7dd827dd72edc6c4a3b36ae572f03c"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/36ab7ada64caf08f10ee5a114d39964d1f91e81d"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/4ab99e3613139f026d2d8ba954819e2876120ab3"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/7186b81c1f15e39069b1af172c6a951728ed3511"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/999586418600b4b3b93c2a0edd3a4ca71ee759bf"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e0deb0e9c967b61420235f7f17a4450b4b4d6ce2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/1e692244bf7dd827dd72edc6c4a3b36ae572f03c"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/36ab7ada64caf08f10ee5a114d39964d1f91e81d"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/4ab99e3613139f026d2d8ba954819e2876120ab3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/7186b81c1f15e39069b1af172c6a951728ed3511"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/999586418600b4b3b93c2a0edd3a4ca71ee759bf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e0deb0e9c967b61420235f7f17a4450b4b4d6ce2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: RDMA/mlx5: Add check for srq max_sge attribute", "id": "2297574", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297574"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.2", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-20", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nRDMA/mlx5: Add check for srq max_sge attribute\nmax_sge attribute is passed by the user, and is inserted and used\nunchecked, so verify that the value doesn't exceed maximum allowed value\nbefore using it."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-40990", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Will not fix", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Will not fix", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-07-12T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-40990\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-40990\nhttps://lore.kernel.org/linux-cve-announce/2024071249-CVE-2024-40990-bba5@gregkh/T"], "threat_severity": "Moderate"}

{"created": "2025-07-13T11:22:53.884238+00:00", "updated": "2025-07-13T11:22:53.884305+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}