CVE-2024-26744: RDMA/srpt: Support specifying the srpt_service_guid parameter

Published Apr 3, 2024
·
Updated

In the Linux kernel, the following vulnerability has been resolved:

RDMA/srpt: Support specifying the srptserviceguid parameter

Make loading ibsrpt with this parameter set work. The current behavior is that setting that parameter while loading the ibsrpt kernel module triggers the following kernel crash:

BUG: kernel NULL pointer dereference, address: 0000000000000000 Call Trace: parseone+0x18c/0x1d0 parseargs+0xe1/0x230 loadmodule+0x8de/0xa60 initmodulefromfile+0x8b/0xd0 idempotentinitmodule+0x181/0x240 x64sysfinitmodule+0x5a/0xb0 dosyscall64+0x5f/0xe0 entrySYSCALL64afterhwframe+0x6e/0x76

Other sources

In the Linux kernel, the following vulnerability has been resolved:

RDMA/srpt: Support specifying the srptserviceguid parameter

Make loading ibsrpt with this parameter set work. The current behavior is that setting that parameter while loading the ibsrpt kernel module triggers the following kernel crash:

BUG: kernel NULL pointer dereference, address: 0000000000000000 Call Trace: <TASK> parseone+0x18c/0x1d0 parseargs+0xe1/0x230 loadmodule+0x8de/0xa60 initmodulefromfile+0x8b/0xd0 idempotentinitmodule+0x181/0x240 x64sysfinitmodule+0x5a/0xb0 dosyscall64+0x5f/0xe0 entrySYSCALL64afterhwframe+0x6e/0x76

NVD

In the Linux kernel, the following vulnerability has been resolved:

RDMA/srpt: Support specifying the srptserviceguid parameter

The Linux kernel CVE team has assigned CVE-2024-26744 to this issue.

Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024040301-CVE-2024-26744-d344@gregkh/T

Red Hat

Affected Software

24 affected componentsFixes available
redhat/kernel<4.19.308
4.19.308
redhat/kernel<5.10.211
5.10.211
redhat/kernel<5.15.150
5.15.150
redhat/kernel<6.1.80
6.1.80
redhat/kernel<6.6.19
6.6.19
redhat/kernel<6.7.7
6.7.7
redhat/kernel<6.8
6.8
IBM Security Verify Governance<=ISVG 10.0.2
IBM Security Verify Governance, Identity Manager Software Stack<=ISVG 10.0.2
IBM Security Verify Governance, Identity Manager Virtual Appliance<=ISVG 10.0.2
IBM Security Verify Governance Identity Manager Container<=ISVG 10.0.2
Linux Linux kernel>=3.3<4.19.308
Linux Linux kernel>=4.20<5.10.211
Linux Linux kernel>=5.11<5.15.150
Linux Linux kernel>=5.16<6.1.80
Linux Linux kernel>=6.2<6.6.19
Linux Linux kernel>=6.7<6.7.7
Linux Linux kernel=6.8-rc1
Linux Linux kernel=6.8-rc2
Linux Linux kernel=6.8-rc3
Linux Linux kernel=6.8-rc4
Linux Linux kernel=6.8-rc5
Debian Debian Linux=10.0
debian/linux
5.10.223-15.10.234-16.1.129-16.1.135-16.12.25-16.12.27-1

Remediation

Patch Available

https://git.kernel.org/stable/c/5a5c039dac1b1b7ba3e91c791f4421052bf79b82

Patch Available

https://git.kernel.org/stable/c/84f1dac960cfa210a3b7a7522e6c2320ae91932b

Patch Available

https://git.kernel.org/stable/c/989af2f29342a9a7c7515523d879b698ac8465f4

Patch Available

https://git.kernel.org/stable/c/aee4dcfe17219fe60f2821923adea98549060af8

Patch Available

https://git.kernel.org/stable/c/c99a827d3cff9f84e1cb997b7cc6386d107aa74d

Patch Available

https://git.kernel.org/stable/c/fdfa083549de5d50ebf7f6811f33757781e838c0

Patch Available

https://git.kernel.org/stable/c/fe2a73d57319feab4b3b175945671ce43492172f

Event History

Apr 3, 2024
CVE Published
via MITRE·05:00 PM
Data Sourced
via MITRE·05:00 PM
Description
Apr 4, 2024
Data Sourced
via Red Hat·01:21 AM
DescriptionSeverityAffected Software
Jun 8, 2024
Data Sourced
via Launchpad·01:05 AM
Description
Apr 28, 2025
Data Sourced
via Ubuntu·02:18 PM
RemedyDescriptionSeverityAffected Software

Parent advisories

This vulnerability appears in the following advisories.

Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Frequently Asked Questions

1

What is the severity of CVE-2024-26744?

CVE-2024-26744 is classified as a low severity vulnerability in the Linux kernel.

2

How do I fix CVE-2024-26744?

To fix CVE-2024-26744, upgrade to kernel versions 4.19.308, 5.10.211, 5.15.150, 6.1.80, 6.6.19, 6.7.7, 6.8, or specific Debian kernel versions that have addressed this vulnerability.

3

What software is affected by CVE-2024-26744?

CVE-2024-26744 affects several kernel versions from Red Hat and Debian packages.

4

What does CVE-2024-26744 address?

CVE-2024-26744 addresses an issue with the RDMA/srpt that prevents proper loading of the ib_srpt kernel module with the srpt_service_guid parameter.

5

When was CVE-2024-26744 disclosed?

The disclosure date for CVE-2024-26744 is not explicitly provided, but it was resolved in recent kernel updates.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203