Improper Locking Affecting kernel-64kb-devel package, versions <6.4.0-150600.23.14.1
Threat Intelligence
EPSS
0.04% (6th
percentile)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-SLES156-KERNEL64KBDEVEL-7553789
- published 23 Jul 2024
- disclosed 22 Jul 2024
Introduced: 22 Jul 2024
CVE-2024-38591 Open this link in a new tabHow to fix?
Upgrade SLES:15.6 kernel-64kb-devel to version 6.4.0-150600.23.14.1 or higher.
NVD Description
Note: Versions mentioned in the description apply only to the upstream kernel-64kb-devel package and not the kernel-64kb-devel package as distributed by SLES.
See How to fix? for SLES:15.6 relevant fixed versions and status.
In the Linux kernel, the following vulnerability has been resolved:
RDMA/hns: Fix deadlock on SRQ async events.
xa_lock for SRQ table may be required in AEQ. Use xa_store_irq()/ xa_erase_irq() to avoid deadlock.
References
- https://www.suse.com/security/cve/CVE-2024-38591.html
- https://bugzilla.suse.com/1226738
- https://git.kernel.org/stable/c/22c915af31bd84ffaa46145e317f53333f94a868
- https://git.kernel.org/stable/c/4a3be1a0ffe04c085dd7f79be97c91b0c786df3d
- https://git.kernel.org/stable/c/72dc542f0d8977e7d41d610db6bb65c47cad43e9
- https://git.kernel.org/stable/c/756ddbe665ea7f9416951bd76731b174d136eea0
- https://git.kernel.org/stable/c/b46494b6f9c19f141114a57729e198698f40af37
- https://git.kernel.org/stable/c/d271e66abac5c7eb8de345b9b44d89f777437a4c
CVSS Scores
version 3.1