Sign-up

ID

VAR-202405-3064


CVE

CVE-2024-36007


TITLE

Linux  of  Linux Kernel  Vulnerabilities in products from multiple vendors such as

Trust: 0.8

sources: JVNDB: JVNDB-2024-029638

DESCRIPTION

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix warning during rehash As previously explained, the rehash delayed work migrates filters from one region to another. This is done by iterating over all chunks (all the filters with the same priority) in the region and in each chunk iterating over all the filters. When the work runs out of credits it stores the current chunk and entry as markers in the per-work context so that it would know where to resume the migration from the next time the work is scheduled. Upon error, the chunk marker is reset to NULL, but without resetting the entry markers despite being relative to it. This can result in migration being resumed from an entry that does not belong to the chunk being migrated. In turn, this will eventually lead to a chunk being iterated over as if it is an entry. Because of how the two structures happen to be defined, this does not lead to KASAN splats, but to warnings such as [1]. Fix by creating a helper that resets all the markers and call it from all the places the currently only reset the chunk marker. For good measures also call it when starting a completely new rehash. Add a warning to avoid future cases. [1] WARNING: CPU: 7 PID: 1076 at drivers/net/ethernet/mellanox/mlxsw/core_acl_flex_keys.c:407 mlxsw_afk_encode+0x242/0x2f0 Modules linked in: CPU: 7 PID: 1076 Comm: kworker/7:24 Tainted: G W 6.9.0-rc3-custom-00880-g29e61d91b77b #29 Hardware name: Mellanox Technologies Ltd. MSN3700/VMOD0005, BIOS 5.11 01/06/2019 Workqueue: mlxsw_core mlxsw_sp_acl_tcam_vregion_rehash_work RIP: 0010:mlxsw_afk_encode+0x242/0x2f0 [...] Call Trace: <TASK> mlxsw_sp_acl_atcam_entry_add+0xd9/0x3c0 mlxsw_sp_acl_tcam_entry_create+0x5e/0xa0 mlxsw_sp_acl_tcam_vchunk_migrate_all+0x109/0x290 mlxsw_sp_acl_tcam_vregion_rehash_work+0x6c/0x470 process_one_work+0x151/0x370 worker_thread+0x2cb/0x3e0 kthread+0xd0/0x100 ret_from_fork+0x34/0x50 </TASK>. Linux of Linux Kernel Unspecified vulnerabilities exist in products from multiple vendors.Service operation interruption (DoS) It may be in a state. The RUGGEDCOM RST2428P is a Layer 2 Ethernet switch based on the SINEC operating system with up to 28 non-blocking interfaces. SCALANCE X switches are used to connect industrial components such as programmable logic controllers (PLCs) or human-machine interfaces (HMIs). Multiple vulnerabilities in third-party components of Siemens' SINEC OS could allow attackers to gain control of the server

Trust: 2.16

sources: NVD: CVE-2024-36007 // JVNDB: JVNDB-2024-029638 // CNVD: CNVD-2025-19346

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2025-19346

AFFECTED PRODUCTS

vendor:linuxmodel:kernelscope:eqversion:6.9

Trust: 1.8

vendor:linuxmodel:kernelscope:gteversion:5.11

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:6.8.9

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:5.5

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:6.7

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:6.2

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:10.0

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:5.16

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:5.10.216

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:6.1.90

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:5.4.275

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:5.1

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:5.15.158

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:6.6.30

Trust: 1.0

vendor:debianmodel:gnu/linuxscope: - version: -

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion:5.11 that's all 5.15.158

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion:5.1 that's all 5.4.275

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion:5.16 that's all 6.1.90

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion:5.5 that's all 5.10.216

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion:6.2 that's all 6.6.30

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion:6.7 that's all 6.8.9

Trust: 0.8

vendor:siemensmodel:ruggedcom rst2428pscope:ltversion:v3.1

Trust: 0.6

vendor:siemensmodel:scalance xc-300/xr-300/xc-400/xr-500wg/xr-500 familyscope:ltversion:v3.1

Trust: 0.6

vendor:siemensmodel:scalance xcm-/xrm-/xch-/xrh-300 familyscope:ltversion:v3.1

Trust: 0.6

sources: CNVD: CNVD-2025-19346 // JVNDB: JVNDB-2024-029638 // NVD: CVE-2024-36007

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2024-36007
value: MEDIUM

Trust: 1.0

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2024-36007
value: MEDIUM

Trust: 1.0

NVD: CVE-2024-36007
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2025-19346
value: HIGH

Trust: 0.6

CNVD: CNVD-2025-19346
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2024-36007
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.1

Trust: 2.0

NVD: CVE-2024-36007
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2025-19346 // JVNDB: JVNDB-2024-029638 // NVD: CVE-2024-36007 // NVD: CVE-2024-36007

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:Lack of information (CWE-noinfo) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2024-029638 // NVD: CVE-2024-36007

PATCH

title:Linux Kernel Archivesurl:https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html

Trust: 0.8

title:Patch for Multiple vulnerabilities in Siemens SINEC OS third-party componentsurl:https://www.cnvd.org.cn/patchInfo/show/723071

Trust: 0.6

sources: CNVD: CNVD-2025-19346 // JVNDB: JVNDB-2024-029638

EXTERNAL IDS

db:NVDid:CVE-2024-36007

Trust: 2.6

db:SIEMENSid:SSA-613116

Trust: 1.6

db:SIEMENSid:SSA-265688

Trust: 1.0

db:JVNDBid:JVNDB-2024-029638

Trust: 0.8

db:CNVDid:CNVD-2025-19346

Trust: 0.6

sources: CNVD: CNVD-2025-19346 // JVNDB: JVNDB-2024-029638 // NVD: CVE-2024-36007

REFERENCES

url:https://cert-portal.siemens.com/productcert/html/ssa-613116.html

Trust: 1.6

url:https://git.kernel.org/stable/c/17e9e0bbae652b9b2049e51699e93dfa60b2988d

Trust: 1.0

url:https://git.kernel.org/stable/c/e890456051fe8c57944b911defb3e6de91315861

Trust: 1.0

url:https://git.kernel.org/stable/c/751d352858108314efd33dddd5a9a2b6bf7d6916

Trust: 1.0

url:https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html

Trust: 1.0

url:https://git.kernel.org/stable/c/0b88631855026b55cad901ac28d081e0f358e596

Trust: 1.0

url:https://cert-portal.siemens.com/productcert/html/ssa-265688.html

Trust: 1.0

url:https://git.kernel.org/stable/c/743edc8547a92b6192aa1f1b6bb78233fa21dc9b

Trust: 1.0

url:https://git.kernel.org/stable/c/039992b6d2df097c65f480dcf269de3d2656f573

Trust: 1.0

url:https://git.kernel.org/stable/c/1d76bd2a0034d0d08045c1c6adf2235d88982952

Trust: 1.0

url:https://nvd.nist.gov/vuln/detail/cve-2024-36007

Trust: 0.8

sources: CNVD: CNVD-2025-19346 // JVNDB: JVNDB-2024-029638 // NVD: CVE-2024-36007

SOURCES

db:CNVDid:CNVD-2025-19346
db:JVNDBid:JVNDB-2024-029638
db:NVDid:CVE-2024-36007

LAST UPDATE DATE

2026-06-19T20:43:07.280000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2025-19346date:2025-08-22T00:00:00
db:JVNDBid:JVNDB-2024-029638date:2025-12-19T08:51:00
db:NVDid:CVE-2024-36007date:2026-05-12T12:16:47.357

SOURCES RELEASE DATE

db:CNVDid:CNVD-2025-19346date:2025-08-12T00:00:00
db:JVNDBid:JVNDB-2024-029638date:2025-12-19T00:00:00
db:NVDid:CVE-2024-36007date:2024-05-20T10:15:14.637