CVE-2024-46829

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-46829
In the Linux kernel, the following vulnerability has been resolved: rtmutex: Drop rt_mutex::wait_lock before scheduling rt_mutex_handle_deadlock() is called with rt_mutex::wait_lock held. In the good case it returns with the lock held and in the deadlock case it emits a warning and goes into an endless scheduling loop with the lock held, which triggers the 'scheduling in atomic' warning. Unlock rt_mutex::wait_lock in the dead lock case before issuing the warning and dropping into the schedule for ever loop. [ tglx: Moved unlock before the WARN(), removed the pointless comment, massaged changelog, added Fixes tag ]

5.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://git.kernel.org/stable/c/1401da1486dc1cdbef6025fd74a3977df3a3e5d0 Patch
https://git.kernel.org/stable/c/432efdbe7da5ecfcbc0c2180cfdbab1441752a38 Patch
https://git.kernel.org/stable/c/6a976e9a47e8e5b326de671811561cab12e6fb1f Patch
https://git.kernel.org/stable/c/85f03ca98e07cd0786738b56ae73740bce0ac27f Patch
https://git.kernel.org/stable/c/93f44655472d9cd418293d328f9d141ca234ad83 Patch
https://git.kernel.org/stable/c/a92d81c9efec9280681c27a2c0a963fd0f1338e0 Patch
https://git.kernel.org/stable/c/d33d26036a0274b472299d7dcdaa5fb34329f91b Patch
https://git.kernel.org/stable/c/f13b5afc5c4889569d84c3011ce449f61fccfb28 Patch
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc6:*:*:*:*:*:*
History

No history.

Information

Published : 2024-09-27 13:15

Updated : 2024-10-02 14:27

NVD link : CVE-2024-46829

Mitre link : CVE-2024-46829

CVE.ORG link : CVE-2024-46829

JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-667

Improper Locking