CVE-2024-35960: net/mlx5: Properly link new fs rules into the tree

Published May 20, 2024
·
Updated

In the Linux kernel, the following vulnerability has been resolved:

net/mlx5: Properly link new fs rules into the tree

Previously, addrulefg would only add newly created rules from the handle into the tree when they had a refcount of 1. On the other hand, createflowhandle tries hard to find and reference already existing identical rules instead of creating new ones.

These two behaviors can result in a situation where createflowhandle 1) creates a new rule and references it, then 2) in a subsequent step during the same handle creation references it again, resulting in a rule with a refcount of 2 that is not linked into the tree, will have a NULL parent and root and will result in a crash when the flow group is deleted because delswhwrule, invoked on rule deletion, assumes node->parent is != NULL.

This happened in the wild, due to another bug related to incorrect handling of duplicate pktreformat ids, which lead to the code in createflowhandle incorrectly referencing a just-added rule in the same flow handle, resulting in the problem described above. Full details are at [1].

This patch changes addrulefg to add new rules without parents into the tree, properly initializing them and avoiding the crash. This makes it more consistent with how rules are added to an FTE in createflowhandle.

Other sources

In the Linux kernel, the following vulnerability has been resolved:

net/mlx5: Properly link new fs rules into the tree

The Linux kernel CVE team has assigned CVE-2024-35960 to this issue.

Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024052020-CVE-2024-35960-2eaa@gregkh/T

Red Hat

Affected Software

24 affected componentsFixes available
redhat/kernel<4.19.313
4.19.313
redhat/kernel<5.4.275
5.4.275
redhat/kernel<5.10.216
5.10.216
redhat/kernel<5.15.156
5.15.156
redhat/kernel<6.1.87
6.1.87
redhat/kernel<6.6.28
6.6.28
redhat/kernel<6.8.7
6.8.7
redhat/kernel<6.9
6.9
Linux Linux kernel>=4.10<4.19.313
Linux Linux kernel>=4.20<5.4.275
Linux Linux kernel>=5.5<5.10.216
Linux Linux kernel>=5.11<5.15.156
Linux Linux kernel>=5.16<6.1.87
Linux Linux kernel>=6.2<6.6.28
Linux Linux kernel>=6.7<6.8.7
Linux Linux kernel=6.9-rc1
Linux Linux kernel=6.9-rc2
Linux Linux kernel=6.9-rc3
Debian Debian Linux=10.0
IBM Security Verify Governance<=ISVG 10.0.2
IBM Security Verify Governance, Identity Manager Software Stack<=ISVG 10.0.2
IBM Security Verify Governance, Identity Manager Virtual Appliance<=ISVG 10.0.2
IBM Security Verify Governance Identity Manager Container<=ISVG 10.0.2
debian/linux
5.10.223-15.10.234-16.1.129-16.1.135-16.12.25-16.12.27-1

Remediation

Patch Available

https://git.kernel.org/stable/c/1263b0b26077b1183c3c45a0a2479573a351d423

Patch Available

https://git.kernel.org/stable/c/2e8dc5cffc844dacfa79f056dea88002312f253f

Patch Available

https://git.kernel.org/stable/c/3d90ca9145f6b97b38d0c2b6b30f6ca6af9c1801

Patch Available

https://git.kernel.org/stable/c/5cf5337ef701830f173b4eec00a4f984adeb57a0

Patch Available

https://git.kernel.org/stable/c/7aaee12b804c5e0374e7b132b6ec2158ff33dd64

Patch Available

https://git.kernel.org/stable/c/7c6782ad4911cbee874e85630226ed389ff2e453

Patch Available

https://git.kernel.org/stable/c/adf67a03af39095f05d82050f15813d6f700159d

Patch Available

https://git.kernel.org/stable/c/de0139719cdda82806a47580ca0df06fc85e0bd2

Event History

May 20, 2024
CVE Published
via MITRE·09:41 AM
Data Sourced
via MITRE·09:41 AM
Description
Data Sourced
via NVD·10:15 AM
RemedyDescriptionSeverityWeaknessAffected Software
Data Sourced
via Red Hat·05:02 PM
DescriptionSeverityAffected Software
Jul 11, 2024
Data Sourced
via Launchpad·07:47 PM
Description
Apr 27, 2025
Data Sourced
via Ubuntu·12:23 AM
RemedyDescriptionSeverityAffected Software

Parent advisories

This vulnerability appears in the following advisories.

Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Frequently Asked Questions

1

What is the severity of CVE-2024-35960?

CVE-2024-35960 has a severity rating that indicates it poses potential security risks to systems using affected versions of the Linux kernel.

2

How do I fix CVE-2024-35960?

To mitigate CVE-2024-35960, update your Linux kernel to a version that includes the fix, such as 4.19.313, 5.4.275, 5.10.216, 5.15.156, 6.1.87, or later versions.

3

Which Linux kernel versions are affected by CVE-2024-35960?

CVE-2024-35960 affects multiple Linux kernel versions, specifically those prior to 4.19.313, 5.4.275, 5.10.216, 5.15.156, 6.1.87, and others listed in remediation.

4

Is there a known exploit for CVE-2024-35960?

As of now, there is no publicly disclosed exploitation of CVE-2024-35960, but it is recommended to apply patches as a precaution.

5

What systems are most at risk from CVE-2024-35960?

Systems running unpatched versions of the Linux kernel that utilize the affected features are at risk from CVE-2024-35960.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203