🛡️ UBUNTU-CVE-2024-40992
⚪ Unknown ✅ No Known Exploit OSV
N/A
CVSS Score
0 Low4 Medium7 High9 Critical10

Description

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix responder length checking for UD request packets According to the IBA specification: If a UD request packet is detected with an invalid length, the request shall be an invalid request and it shall be silently dropped by the responder. The responder then waits for a new request packet. commit 689c5421bfe0 ("RDMA/rxe: Fix incorrect responder length checking") defers responder length check for UD QPs in function `copy_data`. But it introduces a regression issue for UD QPs. When the packet size is too large to fit in the receive buffer. `copy_data` will return error code -EINVAL. Then `send_data_in` will return RESPST_ERR_MALFORMED_WQE. UD QP will transfer into ERROR state.

Details

Severity Unknown
CVSS Score N/A
CVSS Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE N/A
Public Exploit ✅ No
Source OSV
Published 2024-07-12
Updated 2026-06-15
Modified 2026-04-22
Fix URL N/A

Affected Packages

Software From version Fixed in
linux 6.8.0-44.44
linux-allwinner-5.19
linux-aws 6.8.0-1015.16
linux-aws-5.0
linux-aws-5.11
linux-aws-5.13
linux-aws-5.19
linux-aws-5.3
linux-aws-5.8
linux-aws-6.2
linux-aws-6.5
linux-aws-6.8 6.8.0-1015.16~22.04.1
linux-azure 6.8.0-1014.16
linux-azure-5.11
linux-azure-5.13
linux-azure-5.19
linux-azure-5.3
linux-azure-5.8
linux-azure-6.2
linux-azure-6.5
linux-azure-6.8 6.8.0-1014.16~22.04.1
linux-azure-edge
linux-azure-fde
linux-azure-fde-5.19
linux-azure-fde-6.2
linux-gcp 6.8.0-1014.16
linux-gcp-5.11
linux-gcp-5.13
linux-gcp-5.19
linux-gcp-5.3
linux-gcp-5.8
linux-gcp-6.2
linux-gcp-6.5
linux-gcp-6.8 6.8.0-1014.16~22.04.1
linux-gke 6.8.0-1010.13
linux-gke-4.15
linux-gke-5.15
linux-gke-5.4
linux-gkeop-5.4
linux-hwe
linux-hwe-5.11
linux-hwe-5.13
linux-hwe-5.19
linux-hwe-5.8
linux-hwe-6.2
linux-hwe-6.5
linux-hwe-6.8 6.8.0-45.45~22.04.1
linux-hwe-edge
linux-ibm 6.8.0-1012.12
linux-intel-5.13
linux-intel-iot-realtime
linux-lowlatency 6.8.0-44.44.1
linux-lowlatency-hwe-5.19
linux-lowlatency-hwe-6.2
linux-lowlatency-hwe-6.5
linux-lowlatency-hwe-6.8 6.8.0-44.44.1~22.04.1
linux-nvidia 6.8.0-1013.14
linux-nvidia-6.2
linux-nvidia-6.5
linux-nvidia-6.8 6.8.0-1013.14~22.04.1
linux-nvidia-lowlatency 6.8.0-1013.14.1
linux-oem
linux-oem-5.10
linux-oem-5.13
linux-oem-5.14
linux-oem-5.17
linux-oem-5.6
linux-oem-6.0
linux-oem-6.1
linux-oem-6.5
linux-oem-6.8 6.8.0-1012.12
linux-oracle 6.8.0-1012.12
linux-oracle-5.0
linux-oracle-5.11
linux-oracle-5.13
linux-oracle-5.3
linux-oracle-5.8
linux-oracle-6.5
linux-oracle-6.8 6.8.0-1012.12~22.04.1
linux-raspi 6.8.0-1011.12
linux-raspi-realtime 6.8.0-2010.10
linux-raspi2
linux-realtime 6.8.1-1008.8
linux-riscv 6.8.0-44.44.1
linux-riscv-5.11
linux-riscv-5.19
linux-riscv-5.8
linux-riscv-6.5
linux-riscv-6.8 6.8.0-44.44.1~22.04.1
linux-starfive-5.19
linux-starfive-6.2
linux-starfive-6.5

References

Similar Threats

Patch Gap Protection

Running software with known vulnerabilities?

BotEraser can help reduce exposure by blocking IPs associated with exploit activity — even before a patch is available.

Start Free →

No credit card required  ·  Results in minutes

ⓘ Data Notice: The information presented above has been compiled from publicly available internet sources. Boteraser aggregates this data solely for informational purposes and does not independently classify, evaluate, or endorse any findings about the vulnerabilities listed. The accuracy and completeness of this information is the sole responsibility of the original publishers. Boteraser and its operators accept no liability for any decisions made based on this data.