CVE-2024-57949

In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Don't enable interrupts in its_irq_set_vcpu_affinity() The following call-chain leads to enabling interrupts in a nested interrupt disabled section: irq_set_vcpu_affinity() irq_get_desc_lock() raw_spin_lock_irqsave() <--- Disable interrupts its_irq_set_vcpu_affinity() guard(raw_spinlock_irq) <--- Enables interrupts when leaving the guard() irq_put_desc_unlock() <--- Warns because interrupts are enabled This was broken in commit b97e8a2f7130, which replaced the original raw_spin_[un]lock() pair with guard(raw_spinlock_irq). Fix the issue by using guard(raw_spinlock). [ tglx: Massaged change log ]

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/35cb2c6ce7da545f3b5cb1e6473ad7c3a6f08310	Patch
https://git.kernel.org/stable/c/6c84ff2e788fce0099ee3e71a3ed258b1ca1a223	Patch
https://git.kernel.org/stable/c/93955a7788121ab5a0f7f27e988b2ed1135a4866	Patch
https://git.kernel.org/stable/c/d7b0e89610dd45ac6cf0d6f99bfa9ccc787db344	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.13:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.13:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.13:rc3::::::
	cpe:2.3:o:linux:linux_kernel:6.13:rc4::::::
	cpe:2.3:o:linux:linux_kernel:6.13:rc5::::::
	cpe:2.3:o:linux:linux_kernel:6.13:rc6::::::
	cpe:2.3:o:linux:linux_kernel:6.13:rc7::::::

History

11 Feb 2025, 16:06

Type	Values Removed	Values Added
First Time		Linux linux Kernel Linux
CWE		CWE-667
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
CPE		cpe:2.3:o:linux:linux_kernel:6.13:rc4:::::: cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:6.13:rc1:::::: cpe:2.3:o:linux:linux_kernel:6.13:rc6:::::: cpe:2.3:o:linux:linux_kernel:6.13:rc5:::::: cpe:2.3:o:linux:linux_kernel:6.13:rc2:::::: cpe:2.3:o:linux:linux_kernel:6.13:rc7:::::: cpe:2.3:o:linux:linux_kernel:6.13:rc3::::::
References	~~() https://git.kernel.org/stable/c/35cb2c6ce7da545f3b5cb1e6473ad7c3a6f08310 -~~	() https://git.kernel.org/stable/c/35cb2c6ce7da545f3b5cb1e6473ad7c3a6f08310 - Patch
References	~~() https://git.kernel.org/stable/c/6c84ff2e788fce0099ee3e71a3ed258b1ca1a223 -~~	() https://git.kernel.org/stable/c/6c84ff2e788fce0099ee3e71a3ed258b1ca1a223 - Patch
References	~~() https://git.kernel.org/stable/c/93955a7788121ab5a0f7f27e988b2ed1135a4866 -~~	() https://git.kernel.org/stable/c/93955a7788121ab5a0f7f27e988b2ed1135a4866 - Patch
References	~~() https://git.kernel.org/stable/c/d7b0e89610dd45ac6cf0d6f99bfa9ccc787db344 -~~	() https://git.kernel.org/stable/c/d7b0e89610dd45ac6cf0d6f99bfa9ccc787db344 - Patch
Summary		(es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: irqchip/gic-v3-its: No habilitar interrupciones en its_irq_set_vcpu_affinity() La siguiente cadena de llamadas lleva a habilitar interrupciones en una sección de interrupción deshabilitada anidada: irq_set_vcpu_affinity() irq_get_desc_lock() raw_spin_lock_irqsave() <--- Deshabilitar interrupciones its_irq_set_vcpu_affinity() guard(raw_spinlock_irq) <--- Habilita interrupciones al salir de guard() irq_put_desc_unlock() <--- Advierte porque las interrupciones están habilitadas Esto se rompió en el commit b97e8a2f7130, que reemplazó el par original raw_spin_[un]lock() con guard(raw_spinlock_irq). Solucione el problema usando guard(raw_spinlock). [ tglx: Registro de cambios modificado ]

09 Feb 2025, 12:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-02-09 12:15

Updated : 2025-02-11 16:06

NVD link : CVE-2024-57949

Mitre link : CVE-2024-57949

CVE.ORG link : CVE-2024-57949

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-667

Improper Locking

5.5 /10