{ "dataType": "CVE_RECORD", "cveMetadata": { "cveId": "CVE-2024-36006", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-05-17T13:50:33.150Z", "datePublished": "2024-05-20T09:48:06.278Z", "dateUpdated": "2026-05-12T11:53:35.895Z" }, "containers": { "cna": { "providerMetadata": { "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-11T20:15:29.538Z" }, "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmlxsw: spectrum_acl_tcam: Fix incorrect list API usage\n\nBoth the function that migrates all the chunks within a region and the\nfunction that migrates all the entries within a chunk call\nlist_first_entry() on the respective lists without checking that the\nlists are not empty. This is incorrect usage of the API, which leads to\nthe following warning [1].\n\nFix by returning if the lists are empty as there is nothing to migrate\nin this case.\n\n[1]\nWARNING: CPU: 0 PID: 6437 at drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_tcam.c:1266 mlxsw_sp_acl_tcam_vchunk_migrate_all+0x1f1/0>\nModules linked in:\nCPU: 0 PID: 6437 Comm: kworker/0:37 Not tainted 6.9.0-rc3-custom-00883-g94a65f079ef6 #39\nHardware name: Mellanox Technologies Ltd. MSN3700/VMOD0005, BIOS 5.11 01/06/2019\nWorkqueue: mlxsw_core mlxsw_sp_acl_tcam_vregion_rehash_work\nRIP: 0010:mlxsw_sp_acl_tcam_vchunk_migrate_all+0x1f1/0x2c0\n[...]\nCall Trace:\n \n mlxsw_sp_acl_tcam_vregion_rehash_work+0x6c/0x4a0\n process_one_work+0x151/0x370\n worker_thread+0x2cb/0x3e0\n kthread+0xd0/0x100\n ret_from_fork+0x34/0x50\n ret_from_fork_asm+0x1a/0x30\n " } ], "affected": [ { "product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": [ "drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_tcam.c" ], "versions": [ { "version": "6f9579d4e3021b17b0a4cde6b04a6c94c9575cdf", "lessThan": "0b2c13b670b168e324e1cf109e67056a20fd610a", "status": "affected", "versionType": "git" }, { "version": "6f9579d4e3021b17b0a4cde6b04a6c94c9575cdf", "lessThan": "09846c2309b150b8ce4e0ce96f058197598fc530", "status": "affected", "versionType": "git" }, { "version": "6f9579d4e3021b17b0a4cde6b04a6c94c9575cdf", "lessThan": "64435b64e43d8ee60faa46c0cd04e323e8b2a7b0", "status": "affected", "versionType": "git" }, { "version": "6f9579d4e3021b17b0a4cde6b04a6c94c9575cdf", "lessThan": "4526a56e02da3725db979358964df9cd9c567154", "status": "affected", "versionType": "git" }, { "version": "6f9579d4e3021b17b0a4cde6b04a6c94c9575cdf", "lessThan": "ab4ecfb627338e440ae11def004c524a00d93e40", "status": "affected", "versionType": "git" }, { "version": "6f9579d4e3021b17b0a4cde6b04a6c94c9575cdf", "lessThan": "af8b593c3dd9df82cb199be65863af004b09fd97", "status": "affected", "versionType": "git" }, { "version": "6f9579d4e3021b17b0a4cde6b04a6c94c9575cdf", "lessThan": "b377add0f0117409c418ddd6504bd682ebe0bf79", "status": "affected", "versionType": "git" } ] }, { "product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": [ "drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_tcam.c" ], "versions": [ { "version": "5.1", "status": "affected" }, { "version": "0", "lessThan": "5.1", "status": "unaffected", "versionType": "semver" }, { "version": "5.4.275", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver" }, { "version": "5.10.216", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver" }, { "version": "5.15.158", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver" }, { "version": "6.1.90", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver" }, { "version": "6.6.30", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver" }, { "version": "6.8.9", "lessThanOrEqual": "6.8.*", "status": "unaffected", "versionType": "semver" }, { "version": "6.9", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix" } ] } ], "cpeApplicability": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.1", "versionEndExcluding": "5.4.275" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.1", "versionEndExcluding": "5.10.216" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.1", "versionEndExcluding": "5.15.158" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.1", "versionEndExcluding": "6.1.90" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.1", "versionEndExcluding": "6.6.30" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.1", "versionEndExcluding": "6.8.9" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.1", "versionEndExcluding": "6.9" } ] } ] } ], "references": [ { "url": "https://git.kernel.org/stable/c/0b2c13b670b168e324e1cf109e67056a20fd610a" }, { "url": "https://git.kernel.org/stable/c/09846c2309b150b8ce4e0ce96f058197598fc530" }, { "url": "https://git.kernel.org/stable/c/64435b64e43d8ee60faa46c0cd04e323e8b2a7b0" }, { "url": "https://git.kernel.org/stable/c/4526a56e02da3725db979358964df9cd9c567154" }, { "url": "https://git.kernel.org/stable/c/ab4ecfb627338e440ae11def004c524a00d93e40" }, { "url": "https://git.kernel.org/stable/c/af8b593c3dd9df82cb199be65863af004b09fd97" }, { "url": "https://git.kernel.org/stable/c/b377add0f0117409c418ddd6504bd682ebe0bf79" } ], "title": "mlxsw: spectrum_acl_tcam: Fix incorrect list API usage", "x_generator": { "engine": "bippy-1.2.0" } }, "adp": [ { "title": "CISA ADP Vulnrichment", "metrics": [ { "other": { "type": "ssvc", "content": { "id": "CVE-2024-36006", "role": "CISA Coordinator", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "version": "2.0.3", "timestamp": "2024-05-20T17:00:50.884985Z" } } } ], "providerMetadata": { "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:47:57.118Z" } }, { "providerMetadata": { "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:30:12.329Z" }, "title": "CVE Program Container", "references": [ { "url": "https://git.kernel.org/stable/c/0b2c13b670b168e324e1cf109e67056a20fd610a", "tags": [ "x_transferred" ] }, { "url": "https://git.kernel.org/stable/c/09846c2309b150b8ce4e0ce96f058197598fc530", "tags": [ "x_transferred" ] }, { "url": "https://git.kernel.org/stable/c/64435b64e43d8ee60faa46c0cd04e323e8b2a7b0", "tags": [ "x_transferred" ] }, { "url": "https://git.kernel.org/stable/c/4526a56e02da3725db979358964df9cd9c567154", "tags": [ "x_transferred" ] }, { "url": "https://git.kernel.org/stable/c/ab4ecfb627338e440ae11def004c524a00d93e40", "tags": [ "x_transferred" ] }, { "url": "https://git.kernel.org/stable/c/af8b593c3dd9df82cb199be65863af004b09fd97", "tags": [ "x_transferred" ] }, { "url": "https://git.kernel.org/stable/c/b377add0f0117409c418ddd6504bd682ebe0bf79", "tags": [ "x_transferred" ] }, { "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": [ "x_transferred" ] } ] }, { "x_adpType": "supplier", "providerMetadata": { "orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e", "shortName": "siemens-SADP", "dateUpdated": "2026-05-12T11:53:35.895Z" }, "affected": [ { "vendor": "Siemens", "product": "RUGGEDCOM RST2428P", "versions": [ { "status": "affected", "version": "0", "lessThan": "V3.1", "versionType": "custom" } ], "defaultStatus": "unknown" }, { "vendor": "Siemens", "product": "SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family", "versions": [ { "status": "unaffected", "version": "0", "lessThan": "*", "versionType": "custom" } ], "defaultStatus": "unknown" }, { "vendor": "Siemens", "product": "SCALANCE XCM-/XRM-/XCH-/XRH-300 family", "versions": [ { "status": "affected", "version": "0", "lessThan": "V3.1", "versionType": "custom" } ], "defaultStatus": "unknown" }, { "vendor": "Siemens", "product": "SIMATIC S7-1500 TM MFP - GNU/Linux subsystem", "versions": [ { "status": "affected", "version": "0", "lessThan": "*", "versionType": "custom" } ], "defaultStatus": "unknown" } ], "references": [ { "url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html" }, { "url": "https://cert-portal.siemens.com/productcert/html/ssa-613116.html" } ] } ] }, "dataVersion": "5.2" }