CVE-2024-35960 (GCVE-0-2024-35960)

Vulnerability from cvelistv5 – Published: 2024-05-20 09:41 – Updated: 2026-05-12 11:53
VLAI
Title
net/mlx5: Properly link new fs rules into the tree
Summary
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Properly link new fs rules into the tree Previously, add_rule_fg would only add newly created rules from the handle into the tree when they had a refcount of 1. On the other hand, create_flow_handle tries hard to find and reference already existing identical rules instead of creating new ones. These two behaviors can result in a situation where create_flow_handle 1) creates a new rule and references it, then 2) in a subsequent step during the same handle creation references it again, resulting in a rule with a refcount of 2 that is not linked into the tree, will have a NULL parent and root and will result in a crash when the flow group is deleted because del_sw_hw_rule, invoked on rule deletion, assumes node->parent is != NULL. This happened in the wild, due to another bug related to incorrect handling of duplicate pkt_reformat ids, which lead to the code in create_flow_handle incorrectly referencing a just-added rule in the same flow handle, resulting in the problem described above. Full details are at [1]. This patch changes add_rule_fg to add new rules without parents into the tree, properly initializing them and avoiding the crash. This makes it more consistent with how rules are added to an FTE in create_flow_handle.
Severity
9.1 (Critical)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-476 - NULL Pointer Dereference
Assigner
References
Impacted products
Vendor Product Version
Linux Linux Affected: 74491de937125d0c98c9b9c9208b4105717a3caa , < de0139719cdda82806a47580ca0df06fc85e0bd2 (git)
Affected: 74491de937125d0c98c9b9c9208b4105717a3caa , < 1263b0b26077b1183c3c45a0a2479573a351d423 (git)
Affected: 74491de937125d0c98c9b9c9208b4105717a3caa , < 3d90ca9145f6b97b38d0c2b6b30f6ca6af9c1801 (git)
Affected: 74491de937125d0c98c9b9c9208b4105717a3caa , < 7aaee12b804c5e0374e7b132b6ec2158ff33dd64 (git)
Affected: 74491de937125d0c98c9b9c9208b4105717a3caa , < 2e8dc5cffc844dacfa79f056dea88002312f253f (git)
Affected: 74491de937125d0c98c9b9c9208b4105717a3caa , < 5cf5337ef701830f173b4eec00a4f984adeb57a0 (git)
Affected: 74491de937125d0c98c9b9c9208b4105717a3caa , < adf67a03af39095f05d82050f15813d6f700159d (git)
Affected: 74491de937125d0c98c9b9c9208b4105717a3caa , < 7c6782ad4911cbee874e85630226ed389ff2e453 (git)
Create a notification for this product.
Linux Linux Affected: 4.10
Unaffected: 0 , < 4.10 (semver)
Unaffected: 4.19.313 , ≤ 4.19.* (semver)
Unaffected: 5.4.275 , ≤ 5.4.* (semver)
Unaffected: 5.10.216 , ≤ 5.10.* (semver)
Unaffected: 5.15.156 , ≤ 5.15.* (semver)
Unaffected: 6.1.87 , ≤ 6.1.* (semver)
Unaffected: 6.6.28 , ≤ 6.6.* (semver)
Unaffected: 6.8.7 , ≤ 6.8.* (semver)
Unaffected: 6.9 , ≤ * (original_commit_for_fix)
Create a notification for this product.
linux linux_kernel Affected: 74491de93712 , < de0139719cdd (custom)
    cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
 Create a notification for this product.
linux linux_kernel Affected: 74491de93712 , < 3d90ca9145f6 (custom)
    cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
 Create a notification for this product.
linux linux_kernel Affected: 74491de93712 , < 7aaee12b804c (custom)
    cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
 Create a notification for this product.
linux linux_kernel Affected: 74491de93712 , < 2e8dc5cffc84 (custom)
    cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
 Create a notification for this product.
linux linux_kernel Affected: 74491de93712 , < 5cf5337ef701 (custom)
    cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
 Create a notification for this product.
linux linux_kernel Affected: 74491de93712 , < adf67a03af39 (custom)
    cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
 Create a notification for this product.
linux linux_kernel Affected: 74491de93712 , < 7c6782ad4911 (custom)
    cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
 Create a notification for this product.
linux linux_kernel Affected: 4.10
    cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
 Create a notification for this product.
linux linux_kernel Unaffected: 0 , < 4.10 (custom)
    cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
 Create a notification for this product.
linux linux_kernel Unaffected: 4.19.313 , ≤ 4.20 (custom)
    cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
 Create a notification for this product.
linux linux_kernel Unaffected: 0 , ≤ 5.5 (custom)
    cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
 Create a notification for this product.
linux linux_kernel Unaffected: 5.10.216 , ≤ 5.11 (custom)
    cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
 Create a notification for this product.
linux linux_kernel Unaffected: 5.15.156 , ≤ 5.16 (custom)
    cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
 Create a notification for this product.
linux linux_kernel Unaffected: 6.1.87 , ≤ 6.2 (custom)
    cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
 Create a notification for this product.
linux linux_kernel Unaffected: 6.6.28 , ≤ 6.7 (custom)
    cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
 Create a notification for this product.
linux linux_kernel Unaffected: 6.8.7 , ≤ 6.9 (custom)
    cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
 Create a notification for this product.
linux linux_kernel Unaffected: 6.9
    cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
 Create a notification for this product.
Siemens RUGGEDCOM RST2428P Affected: 0 , < V3.1 (custom)
Create a notification for this product.
Siemens SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family Unaffected: 0 , < * (custom)
Create a notification for this product.
Siemens SCALANCE XCM-/XRM-/XCH-/XRH-300 family Affected: 0 , < V3.1 (custom)
Create a notification for this product.
Siemens SIMATIC S7-1500 TM MFP - GNU/Linux subsystem Affected: 0 , < * (custom)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "de0139719cdd",
                "status": "affected",
                "version": "74491de93712",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "3d90ca9145f6",
                "status": "affected",
                "version": "74491de93712",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "7aaee12b804c",
                "status": "affected",
                "version": "74491de93712",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "2e8dc5cffc84",
                "status": "affected",
                "version": "74491de93712",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "5cf5337ef701",
                "status": "affected",
                "version": "74491de93712",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "adf67a03af39",
                "status": "affected",
                "version": "74491de93712",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "7c6782ad4911",
                "status": "affected",
                "version": "74491de93712",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "affected",
                "version": "4.10"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "4.10",
                "status": "unaffected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThanOrEqual": "4.20",
                "status": "unaffected",
                "version": "4.19.313",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThanOrEqual": "5.5",
                "status": "unaffected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThanOrEqual": "5.11",
                "status": "unaffected",
                "version": "5.10.216",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThanOrEqual": "5.16",
                "status": "unaffected",
                "version": "5.15.156",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThanOrEqual": "6.2",
                "status": "unaffected",
                "version": "6.1.87",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThanOrEqual": "6.7",
                "status": "unaffected",
                "version": "6.6.28",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThanOrEqual": "6.9",
                "status": "unaffected",
                "version": "6.8.7",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "6.9"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.1,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "NONE",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-35960",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-16T21:09:41.022641Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-476",
                "description": "CWE-476 NULL Pointer Dereference",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-16T21:09:59.289Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T03:21:49.117Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/de0139719cdda82806a47580ca0df06fc85e0bd2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1263b0b26077b1183c3c45a0a2479573a351d423"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3d90ca9145f6b97b38d0c2b6b30f6ca6af9c1801"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7aaee12b804c5e0374e7b132b6ec2158ff33dd64"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2e8dc5cffc844dacfa79f056dea88002312f253f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5cf5337ef701830f173b4eec00a4f984adeb57a0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/adf67a03af39095f05d82050f15813d6f700159d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7c6782ad4911cbee874e85630226ed389ff2e453"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "defaultStatus": "unknown",
            "product": "RUGGEDCOM RST2428P",
            "vendor": "Siemens",
            "versions": [
              {
                "lessThan": "V3.1",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "defaultStatus": "unknown",
            "product": "SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family",
            "vendor": "Siemens",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "defaultStatus": "unknown",
            "product": "SCALANCE XCM-/XRM-/XCH-/XRH-300 family",
            "vendor": "Siemens",
            "versions": [
              {
                "lessThan": "V3.1",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "defaultStatus": "unknown",
            "product": "SIMATIC S7-1500 TM MFP - GNU/Linux subsystem",
            "vendor": "Siemens",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-12T11:53:13.263Z",
          "orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
          "shortName": "siemens-SADP"
        },
        "references": [
          {
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html"
          },
          {
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-613116.html"
          }
        ],
        "x_adpType": "supplier"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/mellanox/mlx5/core/fs_core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "de0139719cdda82806a47580ca0df06fc85e0bd2",
              "status": "affected",
              "version": "74491de937125d0c98c9b9c9208b4105717a3caa",
              "versionType": "git"
            },
            {
              "lessThan": "1263b0b26077b1183c3c45a0a2479573a351d423",
              "status": "affected",
              "version": "74491de937125d0c98c9b9c9208b4105717a3caa",
              "versionType": "git"
            },
            {
              "lessThan": "3d90ca9145f6b97b38d0c2b6b30f6ca6af9c1801",
              "status": "affected",
              "version": "74491de937125d0c98c9b9c9208b4105717a3caa",
              "versionType": "git"
            },
            {
              "lessThan": "7aaee12b804c5e0374e7b132b6ec2158ff33dd64",
              "status": "affected",
              "version": "74491de937125d0c98c9b9c9208b4105717a3caa",
              "versionType": "git"
            },
            {
              "lessThan": "2e8dc5cffc844dacfa79f056dea88002312f253f",
              "status": "affected",
              "version": "74491de937125d0c98c9b9c9208b4105717a3caa",
              "versionType": "git"
            },
            {
              "lessThan": "5cf5337ef701830f173b4eec00a4f984adeb57a0",
              "status": "affected",
              "version": "74491de937125d0c98c9b9c9208b4105717a3caa",
              "versionType": "git"
            },
            {
              "lessThan": "adf67a03af39095f05d82050f15813d6f700159d",
              "status": "affected",
              "version": "74491de937125d0c98c9b9c9208b4105717a3caa",
              "versionType": "git"
            },
            {
              "lessThan": "7c6782ad4911cbee874e85630226ed389ff2e453",
              "status": "affected",
              "version": "74491de937125d0c98c9b9c9208b4105717a3caa",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/mellanox/mlx5/core/fs_core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.10"
            },
            {
              "lessThan": "4.10",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.313",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.275",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.216",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.156",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.87",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.28",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.8.*",
              "status": "unaffected",
              "version": "6.8.7",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.9",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.19.313",
                  "versionStartIncluding": "4.10",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.275",
                  "versionStartIncluding": "4.10",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.216",
                  "versionStartIncluding": "4.10",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.156",
                  "versionStartIncluding": "4.10",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.87",
                  "versionStartIncluding": "4.10",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.28",
                  "versionStartIncluding": "4.10",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.8.7",
                  "versionStartIncluding": "4.10",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.9",
                  "versionStartIncluding": "4.10",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Properly link new fs rules into the tree\n\nPreviously, add_rule_fg would only add newly created rules from the\nhandle into the tree when they had a refcount of 1. On the other hand,\ncreate_flow_handle tries hard to find and reference already existing\nidentical rules instead of creating new ones.\n\nThese two behaviors can result in a situation where create_flow_handle\n1) creates a new rule and references it, then\n2) in a subsequent step during the same handle creation references it\n   again,\nresulting in a rule with a refcount of 2 that is not linked into the\ntree, will have a NULL parent and root and will result in a crash when\nthe flow group is deleted because del_sw_hw_rule, invoked on rule\ndeletion, assumes node-\u003eparent is != NULL.\n\nThis happened in the wild, due to another bug related to incorrect\nhandling of duplicate pkt_reformat ids, which lead to the code in\ncreate_flow_handle incorrectly referencing a just-added rule in the same\nflow handle, resulting in the problem described above. Full details are\nat [1].\n\nThis patch changes add_rule_fg to add new rules without parents into\nthe tree, properly initializing them and avoiding the crash. This makes\nit more consistent with how rules are added to an FTE in\ncreate_flow_handle."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-11T20:14:32.050Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/de0139719cdda82806a47580ca0df06fc85e0bd2"
        },
        {
          "url": "https://git.kernel.org/stable/c/1263b0b26077b1183c3c45a0a2479573a351d423"
        },
        {
          "url": "https://git.kernel.org/stable/c/3d90ca9145f6b97b38d0c2b6b30f6ca6af9c1801"
        },
        {
          "url": "https://git.kernel.org/stable/c/7aaee12b804c5e0374e7b132b6ec2158ff33dd64"
        },
        {
          "url": "https://git.kernel.org/stable/c/2e8dc5cffc844dacfa79f056dea88002312f253f"
        },
        {
          "url": "https://git.kernel.org/stable/c/5cf5337ef701830f173b4eec00a4f984adeb57a0"
        },
        {
          "url": "https://git.kernel.org/stable/c/adf67a03af39095f05d82050f15813d6f700159d"
        },
        {
          "url": "https://git.kernel.org/stable/c/7c6782ad4911cbee874e85630226ed389ff2e453"
        }
      ],
      "title": "net/mlx5: Properly link new fs rules into the tree",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-35960",
    "datePublished": "2024-05-20T09:41:51.900Z",
    "dateReserved": "2024-05-17T13:50:33.137Z",
    "dateUpdated": "2026-05-12T11:53:13.263Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2024-35960",
      "date": "2026-06-09",
      "epss": "0.02683",
      "percentile": "0.8615"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-35960\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-05-20T10:15:11.190\",\"lastModified\":\"2026-05-12T12:16:43.590\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nnet/mlx5: Properly link new fs rules into the tree\\n\\nPreviously, add_rule_fg would only add newly created rules from the\\nhandle into the tree when they had a refcount of 1. On the other hand,\\ncreate_flow_handle tries hard to find and reference already existing\\nidentical rules instead of creating new ones.\\n\\nThese two behaviors can result in a situation where create_flow_handle\\n1) creates a new rule and references it, then\\n2) in a subsequent step during the same handle creation references it\\n   again,\\nresulting in a rule with a refcount of 2 that is not linked into the\\ntree, will have a NULL parent and root and will result in a crash when\\nthe flow group is deleted because del_sw_hw_rule, invoked on rule\\ndeletion, assumes node-\u003eparent is != NULL.\\n\\nThis happened in the wild, due to another bug related to incorrect\\nhandling of duplicate pkt_reformat ids, which lead to the code in\\ncreate_flow_handle incorrectly referencing a just-added rule in the same\\nflow handle, resulting in the problem described above. Full details are\\nat [1].\\n\\nThis patch changes add_rule_fg to add new rules without parents into\\nthe tree, properly initializing them and avoiding the crash. This makes\\nit more consistent with how rules are added to an FTE in\\ncreate_flow_handle.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: net/mlx5: vincular correctamente nuevas reglas fs al \u00e1rbol. Anteriormente, add_rule_fg solo agregaba reglas reci\u00e9n creadas desde el identificador al \u00e1rbol cuando ten\u00edan un recuento de 1. Por otro lado Por otro lado, create_flow_handle se esfuerza por encontrar y hacer referencia a reglas id\u00e9nticas ya existentes en lugar de crear otras nuevas. Estos dos comportamientos pueden dar lugar a una situaci\u00f3n en la que create_flow_handle 1) crea una nueva regla y hace referencia a ella, luego 2) en un paso posterior durante la creaci\u00f3n del mismo identificador hace referencia a ella nuevamente, lo que da como resultado una regla con un recuento de 2 que no est\u00e1 vinculada a el \u00e1rbol, tendr\u00e1 un padre y una ra\u00edz NULL y provocar\u00e1 un bloqueo cuando se elimine el grupo de flujo porque del_sw_hw_rule, invocado al eliminar la regla, asume que nodo-\u0026gt;padre es != NULL. Esto sucedi\u00f3 en la naturaleza, debido a otro error relacionado con el manejo incorrecto de identificadores de pkt_reformat duplicados, lo que llev\u00f3 al c\u00f3digo en create_flow_handle a hacer referencia incorrecta a una regla reci\u00e9n agregada en el mismo identificador de flujo, lo que result\u00f3 en el problema descrito anteriormente. Los detalles completos est\u00e1n en [1]. Este parche cambia add_rule_fg para agregar nuevas reglas sin padres al \u00e1rbol, inicializ\u00e1ndolas correctamente y evitando el bloqueo. Esto lo hace m\u00e1s coherente con la forma en que se agregan reglas a un FTE en create_flow_handle.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H\",\"baseScore\":9.1,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.2}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-476\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.10\",\"versionEndExcluding\":\"4.19.313\",\"matchCriteriaId\":\"6803798D-A9EC-49A2-9F75-47B1BF43B655\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.20\",\"versionEndExcluding\":\"5.4.275\",\"matchCriteriaId\":\"5FF6D8DE-C559-4586-86C8-2C6B4420A2C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.5\",\"versionEndExcluding\":\"5.10.216\",\"matchCriteriaId\":\"A44ABF89-F1BD-4C9A-895D-7596650DCD27\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.11\",\"versionEndExcluding\":\"5.15.156\",\"matchCriteriaId\":\"E80AFAB4-A9F3-415C-8D6C-52D1C13F1531\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.16\",\"versionEndExcluding\":\"6.1.87\",\"matchCriteriaId\":\"BDA59296-EDB8-44CD-98E4-C08C051569E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.2\",\"versionEndExcluding\":\"6.6.28\",\"matchCriteriaId\":\"8D6315B0-B3BA-406C-B0DB-51D9A63753F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.7\",\"versionEndExcluding\":\"6.8.7\",\"matchCriteriaId\":\"531BDFB5-EF6A-4707-902E-146368303499\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"22BEDD49-2C6D-402D-9DBF-6646F6ECD10B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF73CB2A-DFFD-46FB-9BFE-AA394F27EA37\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.9:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"52048DDA-FC5A-4363-95A0-A6357B4D7F8C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/1263b0b26077b1183c3c45a0a2479573a351d423\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/2e8dc5cffc844dacfa79f056dea88002312f253f\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/3d90ca9145f6b97b38d0c2b6b30f6ca6af9c1801\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/5cf5337ef701830f173b4eec00a4f984adeb57a0\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/7aaee12b804c5e0374e7b132b6ec2158ff33dd64\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/7c6782ad4911cbee874e85630226ed389ff2e453\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/adf67a03af39095f05d82050f15813d6f700159d\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/de0139719cdda82806a47580ca0df06fc85e0bd2\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/1263b0b26077b1183c3c45a0a2479573a351d423\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/2e8dc5cffc844dacfa79f056dea88002312f253f\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/3d90ca9145f6b97b38d0c2b6b30f6ca6af9c1801\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/5cf5337ef701830f173b4eec00a4f984adeb57a0\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/7aaee12b804c5e0374e7b132b6ec2158ff33dd64\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/7c6782ad4911cbee874e85630226ed389ff2e453\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/adf67a03af39095f05d82050f15813d6f700159d\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/de0139719cdda82806a47580ca0df06fc85e0bd2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-265688.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\"},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-613116.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://git.kernel.org/stable/c/de0139719cdda82806a47580ca0df06fc85e0bd2\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/1263b0b26077b1183c3c45a0a2479573a351d423\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/3d90ca9145f6b97b38d0c2b6b30f6ca6af9c1801\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/7aaee12b804c5e0374e7b132b6ec2158ff33dd64\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/2e8dc5cffc844dacfa79f056dea88002312f253f\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/5cf5337ef701830f173b4eec00a4f984adeb57a0\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/adf67a03af39095f05d82050f15813d6f700159d\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/7c6782ad4911cbee874e85630226ed389ff2e453\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T03:21:49.117Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-35960\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-01-16T21:09:41.022641Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*\"], \"vendor\": \"linux\", \"product\": \"linux_kernel\", \"versions\": [{\"status\": \"affected\", \"version\": \"74491de93712\", \"lessThan\": \"de0139719cdd\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*\"], \"vendor\": \"linux\", \"product\": \"linux_kernel\", \"versions\": [{\"status\": \"affected\", \"version\": \"74491de93712\", \"lessThan\": \"3d90ca9145f6\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*\"], \"vendor\": \"linux\", \"product\": \"linux_kernel\", \"versions\": [{\"status\": \"affected\", \"version\": \"74491de93712\", \"lessThan\": \"7aaee12b804c\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*\"], \"vendor\": \"linux\", \"product\": \"linux_kernel\", \"versions\": [{\"status\": \"affected\", \"version\": \"74491de93712\", \"lessThan\": \"2e8dc5cffc84\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\"], \"vendor\": \"linux\", \"product\": \"linux_kernel\", \"versions\": [{\"status\": \"affected\", \"version\": \"74491de93712\", \"lessThan\": \"5cf5337ef701\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*\"], \"vendor\": \"linux\", \"product\": \"linux_kernel\", \"versions\": [{\"status\": \"affected\", \"version\": \"74491de93712\", \"lessThan\": \"adf67a03af39\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*\"], \"vendor\": \"linux\", \"product\": \"linux_kernel\", \"versions\": [{\"status\": \"affected\", \"version\": \"74491de93712\", \"lessThan\": \"7c6782ad4911\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*\"], \"vendor\": \"linux\", \"product\": \"linux_kernel\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.10\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*\"], \"vendor\": \"linux\", \"product\": \"linux_kernel\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"4.10\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*\"], \"vendor\": \"linux\", \"product\": \"linux_kernel\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"4.19.313\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"4.20\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*\"], \"vendor\": \"linux\", \"product\": \"linux_kernel\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"5.5\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*\"], \"vendor\": \"linux\", \"product\": \"linux_kernel\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"5.10.216\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"5.11\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\"], \"vendor\": \"linux\", \"product\": \"linux_kernel\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"5.15.156\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"5.16\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*\"], \"vendor\": \"linux\", \"product\": \"linux_kernel\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"6.1.87\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"6.2\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\"], \"vendor\": \"linux\", \"product\": \"linux_kernel\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"6.6.28\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"6.7\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*\"], \"vendor\": \"linux\", \"product\": \"linux_kernel\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"6.8.7\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"6.9\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*\"], \"vendor\": \"linux\", \"product\": \"linux_kernel\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"6.9\"}], \"defaultStatus\": \"unknown\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-476\", \"description\": \"CWE-476 NULL Pointer Dereference\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-06-18T14:52:07.872Z\"}}], \"cna\": {\"title\": \"net/mlx5: Properly link new fs rules into the tree\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"74491de937125d0c98c9b9c9208b4105717a3caa\", \"lessThan\": \"de0139719cdda82806a47580ca0df06fc85e0bd2\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"74491de937125d0c98c9b9c9208b4105717a3caa\", \"lessThan\": \"1263b0b26077b1183c3c45a0a2479573a351d423\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"74491de937125d0c98c9b9c9208b4105717a3caa\", \"lessThan\": \"3d90ca9145f6b97b38d0c2b6b30f6ca6af9c1801\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"74491de937125d0c98c9b9c9208b4105717a3caa\", \"lessThan\": \"7aaee12b804c5e0374e7b132b6ec2158ff33dd64\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"74491de937125d0c98c9b9c9208b4105717a3caa\", \"lessThan\": \"2e8dc5cffc844dacfa79f056dea88002312f253f\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"74491de937125d0c98c9b9c9208b4105717a3caa\", \"lessThan\": \"5cf5337ef701830f173b4eec00a4f984adeb57a0\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"74491de937125d0c98c9b9c9208b4105717a3caa\", \"lessThan\": \"adf67a03af39095f05d82050f15813d6f700159d\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"74491de937125d0c98c9b9c9208b4105717a3caa\", \"lessThan\": \"7c6782ad4911cbee874e85630226ed389ff2e453\", \"versionType\": \"git\"}], \"programFiles\": [\"drivers/net/ethernet/mellanox/mlx5/core/fs_core.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.10\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"4.10\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"4.19.313\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"4.19.*\"}, {\"status\": \"unaffected\", \"version\": \"5.4.275\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.4.*\"}, {\"status\": \"unaffected\", \"version\": \"5.10.216\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.10.*\"}, {\"status\": \"unaffected\", \"version\": \"5.15.156\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.15.*\"}, {\"status\": \"unaffected\", \"version\": \"6.1.87\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.1.*\"}, {\"status\": \"unaffected\", \"version\": \"6.6.28\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.6.*\"}, {\"status\": \"unaffected\", \"version\": \"6.8.7\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.8.*\"}, {\"status\": \"unaffected\", \"version\": \"6.9\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"drivers/net/ethernet/mellanox/mlx5/core/fs_core.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/de0139719cdda82806a47580ca0df06fc85e0bd2\"}, {\"url\": \"https://git.kernel.org/stable/c/1263b0b26077b1183c3c45a0a2479573a351d423\"}, {\"url\": \"https://git.kernel.org/stable/c/3d90ca9145f6b97b38d0c2b6b30f6ca6af9c1801\"}, {\"url\": \"https://git.kernel.org/stable/c/7aaee12b804c5e0374e7b132b6ec2158ff33dd64\"}, {\"url\": \"https://git.kernel.org/stable/c/2e8dc5cffc844dacfa79f056dea88002312f253f\"}, {\"url\": \"https://git.kernel.org/stable/c/5cf5337ef701830f173b4eec00a4f984adeb57a0\"}, {\"url\": \"https://git.kernel.org/stable/c/adf67a03af39095f05d82050f15813d6f700159d\"}, {\"url\": \"https://git.kernel.org/stable/c/7c6782ad4911cbee874e85630226ed389ff2e453\"}], \"x_generator\": {\"engine\": \"bippy-1.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nnet/mlx5: Properly link new fs rules into the tree\\n\\nPreviously, add_rule_fg would only add newly created rules from the\\nhandle into the tree when they had a refcount of 1. On the other hand,\\ncreate_flow_handle tries hard to find and reference already existing\\nidentical rules instead of creating new ones.\\n\\nThese two behaviors can result in a situation where create_flow_handle\\n1) creates a new rule and references it, then\\n2) in a subsequent step during the same handle creation references it\\n   again,\\nresulting in a rule with a refcount of 2 that is not linked into the\\ntree, will have a NULL parent and root and will result in a crash when\\nthe flow group is deleted because del_sw_hw_rule, invoked on rule\\ndeletion, assumes node-\u003eparent is != NULL.\\n\\nThis happened in the wild, due to another bug related to incorrect\\nhandling of duplicate pkt_reformat ids, which lead to the code in\\ncreate_flow_handle incorrectly referencing a just-added rule in the same\\nflow handle, resulting in the problem described above. Full details are\\nat [1].\\n\\nThis patch changes add_rule_fg to add new rules without parents into\\nthe tree, properly initializing them and avoiding the crash. This makes\\nit more consistent with how rules are added to an FTE in\\ncreate_flow_handle.\"}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"4.19.313\", \"versionStartIncluding\": \"4.10\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.4.275\", \"versionStartIncluding\": \"4.10\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.10.216\", \"versionStartIncluding\": \"4.10\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.15.156\", \"versionStartIncluding\": \"4.10\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.1.87\", \"versionStartIncluding\": \"4.10\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.6.28\", \"versionStartIncluding\": \"4.10\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.8.7\", \"versionStartIncluding\": \"4.10\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.9\", \"versionStartIncluding\": \"4.10\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2025-05-04T09:09:16.502Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-35960\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-05-04T09:09:16.502Z\", \"dateReserved\": \"2024-05-17T13:50:33.137Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2024-05-20T09:41:51.900Z\", \"assignerShortName\": \"Linux\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.