What is the severity of CVE-2024-38540?

The severity of CVE-2024-38540 has been assessed, but specific severity levels (like CVSS scores) are not provided in the description.

How do I fix CVE-2024-38540?

To fix CVE-2024-38540, you should upgrade to the specified remediation versions of the kernel as outlined by your distribution.

What are the affected versions related to CVE-2024-38540?

CVE-2024-38540 affects various versions of the Linux kernel, including Red Hat kernel versions below 6.6.33 and Debian Linux versions up to 5.10.226-1.

Which distributions are impacted by CVE-2024-38540?

CVE-2024-38540 impacts Red Hat and Debian distributions.

Is CVE-2024-38540 related to a specific component of the Linux kernel?

Yes, CVE-2024-38540 is related to the bnxt_re component within the Linux kernel.

Vulnerability/
CVE-2024-38540

medium

4.4

19/6/2024

1/4/2025

CVE-2024-38540: bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq

First published: Wed Jun 19 2024(Updated: )

In the Linux kernel, the following vulnerability has been resolved: bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq The Linux kernel CVE team has assigned <a href="https://access.redhat.com/security/cve/CVE-2024-38540">CVE-2024-38540</a> to this issue. Upstream advisory: <a href="https://lore.kernel.org/linux-cve-announce/2024061947-CVE-2024-38540-1d0a@gregkh/T">https://lore.kernel.org/linux-cve-announce/2024061947-CVE-2024-38540-1d0a@gregkh/T</a>

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected Software	Affected Version	How to fix
redhat/kernel	<6.6.33	6.6.33
redhat/kernel	<6.8.12	6.8.12
redhat/kernel	<6.9.3	6.9.3
redhat/kernel	<6.10	6.10
Linux Kernel	>=5.7<6.1.117
Linux Kernel	>=6.2<6.6.33
Linux Kernel	>=6.7<6.8.12
Linux Kernel	>=6.9<6.9.3
debian/linux	<=5.10.223-1<=5.10.234-1	6.1.129-1 6.1.128-1 6.12.21-1 6.12.22-1
debian/linux-6.1		6.1.129-1~deb11u1

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-38540?
The severity of CVE-2024-38540 has been assessed, but specific severity levels (like CVSS scores) are not provided in the description.
How do I fix CVE-2024-38540?
To fix CVE-2024-38540, you should upgrade to the specified remediation versions of the kernel as outlined by your distribution.
What are the affected versions related to CVE-2024-38540?
CVE-2024-38540 affects various versions of the Linux kernel, including Red Hat kernel versions below 6.6.33 and Debian Linux versions up to 5.10.226-1.
Which distributions are impacted by CVE-2024-38540?
CVE-2024-38540 impacts Red Hat and Debian distributions.
Is CVE-2024-38540 related to a specific component of the Linux kernel?
Yes, CVE-2024-38540 is related to the bnxt_re component within the Linux kernel.

agent/title
agent/type
collector/launchpad-cve
source/Launchpad
agent/remedy
agent/author
agent/first-publish-date
agent/severity
agent/references
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2024-38540
agent/software-canonical-lookup
collector/nvd-cve
source/NVD
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/trending
agent/source
agent/tags
collector/usn-cve
source/Ubuntu
agent/description
agent/softwarecombine
collector/security-tracker-debian
source/Debian
agent/event
collector/nvd-api
package-manager/redhat
package-manager/debian
vendor/linux
canonical/linux kernel
version/linux kernel/5.7
version/linux kernel/6.2
version/linux kernel/6.7
version/linux kernel/6.9

CVE-2024-38540: bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq

Remedy

Remedy

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-38540?

How do I fix CVE-2024-38540?

What are the affected versions related to CVE-2024-38540?

Which distributions are impacted by CVE-2024-38540?

Is CVE-2024-38540 related to a specific component of the Linux kernel?

Company

Resources

Contact