SB2024060838 - Information disclosure in Linux kernel smc
Published: June 8, 2024 Updated: May 13, 2025
Security Bulletin ID
SB2024060838
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Information disclosure
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Information disclosure (CVE-ID: CVE-2024-36945)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the smc_ib_find_route() function in net/smc/smc_ib.c. A local user can gain access to sensitive information.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/d5a466ab6e78d6f2e0f64435f1e17246c8e941ff
- https://git.kernel.org/stable/c/5df93c029a907b0ff5a4eeadd77ba06ff0a277d2
- https://git.kernel.org/stable/c/da91e447d06dc649fcf46e59122e7bf8f0b2e0db
- https://git.kernel.org/stable/c/2ddc0dd7fec86ee53b8928a5cca5fbddd4fc7c06
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.91
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.31
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.8.10