CVE-2024-38606

2024-06-1900:00:00

ubuntu.com

linux kernel qat device telemetry

AI Score

6.5

Confidence

High

JSON

In the Linux kernel, the following vulnerability has been resolved: crypto:
qat - validate slices count returned by FW The function
adf_send_admin_tl_start() enables the telemetry (TL) feature on a QAT
device by sending the ICP_QAT_FW_TL_START message to the firmware. This
triggers the FW to start writing TL data to a DMA buffer in memory and
returns an array containing the number of accelerators of each type
(slices) supported by this HW. The pointer to this array is stored in the
adf_tl_hw_data data structure called slice_cnt. The array slice_cnt is then
used in the function tl_print_dev_data() to report in debugfs only
statistics about the supported accelerators. An incorrect value of the
elements in slice_cnt might lead to an out of bounds memory read. At the
moment, there isn’t an implementation of FW that returns a wrong value, but
for robustness validate the slice count array returned by FW.

OSVersionArchitecturePackageVersionFilename
ubuntu24.04noarchlinux< anyUNKNOWN
ubuntu24.04noarchlinux-aws< anyUNKNOWN
ubuntu24.04noarchlinux-azure< anyUNKNOWN
ubuntu24.04noarchlinux-gcp< anyUNKNOWN
ubuntu24.04noarchlinux-gke< anyUNKNOWN
ubuntu24.04noarchlinux-ibm< anyUNKNOWN
ubuntu24.04noarchlinux-intel< anyUNKNOWN
ubuntu24.04noarchlinux-lowlatency< anyUNKNOWN
ubuntu24.04noarchlinux-nvidia< anyUNKNOWN
ubuntu24.04noarchlinux-oem-6.8< anyUNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	24.04	noarch	linux	< any	UNKNOWN
ubuntu	24.04	noarch	linux-aws	< any	UNKNOWN
ubuntu	24.04	noarch	linux-azure	< any	UNKNOWN
ubuntu	24.04	noarch	linux-gcp	< any	UNKNOWN
ubuntu	24.04	noarch	linux-gke	< any	UNKNOWN
ubuntu	24.04	noarch	linux-ibm	< any	UNKNOWN
ubuntu	24.04	noarch	linux-intel	< any	UNKNOWN
ubuntu	24.04	noarch	linux-lowlatency	< any	UNKNOWN
ubuntu	24.04	noarch	linux-nvidia	< any	UNKNOWN
ubuntu	24.04	noarch	linux-oem-6.8	< any	UNKNOWN