CVE-2024-44968

In the Linux kernel, the following vulnerability has been resolved: tick/broadcast: Move per CPU pointer access into the atomic section The recent fix for making the take over of the broadcast timer more reliable retrieves a per CPU pointer in preemptible context. This went unnoticed as compilers hoist the access into the non-preemptible region where the pointer is actually used. But of course it's valid that the compiler keeps it at the place where the code puts it which rightfully triggers: BUG: using smp_processor_id() in preemptible [00000000] code: caller is hotplug_cpu__broadcast_tick_pull+0x1c/0xc0 Move it to the actual usage site which is in a non-preemptible region.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*

History

03 Oct 2024, 18:04

Type Values Removed Values Added
First Time Linux linux Kernel
Linux
References () https://git.kernel.org/stable/c/541a900d245536d4809cb1aa322c3fcc2cdb58a6 - () https://git.kernel.org/stable/c/541a900d245536d4809cb1aa322c3fcc2cdb58a6 - Patch
References () https://git.kernel.org/stable/c/668c6c4a7e9e9f081c06b70f30104fb7013437ed - () https://git.kernel.org/stable/c/668c6c4a7e9e9f081c06b70f30104fb7013437ed - Patch
References () https://git.kernel.org/stable/c/6881e75237a84093d0986f56223db3724619f26e - () https://git.kernel.org/stable/c/6881e75237a84093d0986f56223db3724619f26e - Patch
References () https://git.kernel.org/stable/c/7b3ec186ba93e333e9efe7254e7e31c1828e5d2d - () https://git.kernel.org/stable/c/7b3ec186ba93e333e9efe7254e7e31c1828e5d2d - Patch
References () https://git.kernel.org/stable/c/7dd12f85f150010ef7518201c63fa7e395f5c3e9 - () https://git.kernel.org/stable/c/7dd12f85f150010ef7518201c63fa7e395f5c3e9 - Patch
References () https://git.kernel.org/stable/c/b9d604933d5fd72dd37f24e1dc35f778297d745a - () https://git.kernel.org/stable/c/b9d604933d5fd72dd37f24e1dc35f778297d745a - Patch
References () https://git.kernel.org/stable/c/f54abf332a2bc0413cfa8bd6a8511f7aa99faea0 - () https://git.kernel.org/stable/c/f54abf332a2bc0413cfa8bd6a8511f7aa99faea0 - Patch
References () https://git.kernel.org/stable/c/f91fb47ecacc178a83a77eeebd25cbaec18c01d6 - () https://git.kernel.org/stable/c/f91fb47ecacc178a83a77eeebd25cbaec18c01d6 - Patch
CWE NVD-CWE-noinfo
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.5
CPE cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

05 Sep 2024, 12:53

Type Values Removed Values Added
Summary
  • (es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: tick/broadcast: mover el acceso al puntero por CPU a la sección atómica La solución reciente para hacer que la toma de control del temporizador de difusión sea más fiable recupera un puntero por CPU en un contexto preemptible. Esto pasó desapercibido ya que los compiladores elevan el acceso a la región no preemptible donde realmente se usa el puntero. Pero, por supuesto, es válido que el compilador lo mantenga en el lugar donde lo pone el código, lo que activa correctamente: ERROR: usar smp_processor_id() en código preemptible [00000000]: el llamador es hotplug_cpu__broadcast_tick_pull+0x1c/0xc0 Muévalo al sitio de uso real que está en una región no preemptible.

04 Sep 2024, 19:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-09-04 19:15

Updated : 2024-10-03 18:04


NVD link : CVE-2024-44968

Mitre link : CVE-2024-44968

CVE.ORG link : CVE-2024-44968


JSON object : View

Products Affected

linux

  • linux_kernel