CVE-2024-49963

In the Linux kernel, the following vulnerability has been resolved: mailbox: bcm2835: Fix timeout during suspend mode During noirq suspend phase the Raspberry Pi power driver suffer of firmware property timeouts. The reason is that the IRQ of the underlying BCM2835 mailbox is disabled and rpi_firmware_property_list() will always run into a timeout [1]. Since the VideoCore side isn't consider as a wakeup source, set the IRQF_NO_SUSPEND flag for the mailbox IRQ in order to keep it enabled during suspend-resume cycle. [1] PM: late suspend of devices complete after 1.754 msecs WARNING: CPU: 0 PID: 438 at drivers/firmware/raspberrypi.c:128 rpi_firmware_property_list+0x204/0x22c Firmware transaction 0x00028001 timeout Modules linked in: CPU: 0 PID: 438 Comm: bash Tainted: G C 6.9.3-dirty #17 Hardware name: BCM2835 Call trace: unwind_backtrace from show_stack+0x18/0x1c show_stack from dump_stack_lvl+0x34/0x44 dump_stack_lvl from __warn+0x88/0xec __warn from warn_slowpath_fmt+0x7c/0xb0 warn_slowpath_fmt from rpi_firmware_property_list+0x204/0x22c rpi_firmware_property_list from rpi_firmware_property+0x68/0x8c rpi_firmware_property from rpi_firmware_set_power+0x54/0xc0 rpi_firmware_set_power from _genpd_power_off+0xe4/0x148 _genpd_power_off from genpd_sync_power_off+0x7c/0x11c genpd_sync_power_off from genpd_finish_suspend+0xcc/0xe0 genpd_finish_suspend from dpm_run_callback+0x78/0xd0 dpm_run_callback from device_suspend_noirq+0xc0/0x238 device_suspend_noirq from dpm_suspend_noirq+0xb0/0x168 dpm_suspend_noirq from suspend_devices_and_enter+0x1b8/0x5ac suspend_devices_and_enter from pm_suspend+0x254/0x2e4 pm_suspend from state_store+0xa8/0xd4 state_store from kernfs_fop_write_iter+0x154/0x1a0 kernfs_fop_write_iter from vfs_write+0x12c/0x184 vfs_write from ksys_write+0x78/0xc0 ksys_write from ret_fast_syscall+0x0/0x54 Exception stack(0xcc93dfa8 to 0xcc93dff0) [...] PM: noirq suspend of devices complete after 3095.584 msecs
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

History

08 Nov 2024, 16:15

Type Values Removed Values Added
References
  • () https://git.kernel.org/stable/c/4e1e03760ee7cc4779b6306867fe0fc02921b963 -
  • () https://git.kernel.org/stable/c/b0de20de29b13950493a36bd4cf531200eb0e807 -

07 Nov 2024, 19:20

Type Values Removed Values Added
References () https://git.kernel.org/stable/c/10a58555e0bb5cc4673c8bb73b8afc5fa651f0ac - () https://git.kernel.org/stable/c/10a58555e0bb5cc4673c8bb73b8afc5fa651f0ac - Patch
References () https://git.kernel.org/stable/c/32ee78823dea2d54adaf6e05f86622eba359e091 - () https://git.kernel.org/stable/c/32ee78823dea2d54adaf6e05f86622eba359e091 - Patch
References () https://git.kernel.org/stable/c/90320cfc07b7d6e7a58fd8168f6380ec52ff0251 - () https://git.kernel.org/stable/c/90320cfc07b7d6e7a58fd8168f6380ec52ff0251 - Patch
References () https://git.kernel.org/stable/c/dc09f007caed3b2f6a3b6bd7e13777557ae22bfd - () https://git.kernel.org/stable/c/dc09f007caed3b2f6a3b6bd7e13777557ae22bfd - Patch
References () https://git.kernel.org/stable/c/df293ea78740a41384d648041f38f645700288e1 - () https://git.kernel.org/stable/c/df293ea78740a41384d648041f38f645700288e1 - Patch
References () https://git.kernel.org/stable/c/dfeb67b2194ecc55ef8065468c5adda3cdf59114 - () https://git.kernel.org/stable/c/dfeb67b2194ecc55ef8065468c5adda3cdf59114 - Patch
References () https://git.kernel.org/stable/c/e65a9af05a0b59ebeba28e5e82265a233db7bc27 - () https://git.kernel.org/stable/c/e65a9af05a0b59ebeba28e5e82265a233db7bc27 - Patch
First Time Linux
Linux linux Kernel
CWE NVD-CWE-noinfo
CPE cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.5

23 Oct 2024, 15:13

Type Values Removed Values Added
Summary
  • (es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mailbox: bcm2835: Fix timeout during suspend mode Durante la fase de suspensión de noirq, el controlador de energía de Raspberry Pi sufre tiempos de espera de propiedad de firmware. La razón es que la IRQ del buzón BCM2835 subyacente está deshabilitada y rpi_firmware_property_list() siempre se encontrará con un tiempo de espera [1]. Dado que el lado de VideoCore no se considera una fuente de reactivación, configure el indicador IRQF_NO_SUSPEND para el IRQ del buzón para mantenerlo habilitado durante el ciclo de suspensión-reanudación. [1] PM: suspensión tardía de dispositivos completada después de 1,754 msegs ADVERTENCIA: CPU: 0 PID: 438 en drivers/firmware/raspberrypi.c:128 rpi_firmware_property_list+0x204/0x22c Tiempo de espera de transacción de firmware 0x00028001 Módulos vinculados: CPU: 0 PID: 438 Comm: bash Tainted: GC 6.9.3-dirty #17 Nombre del hardware: BCM2835 Rastreo de llamadas: unwind_backtrace de show_stack+0x18/0x1c show_stack de dump_stack_lvl+0x34/0x44 dump_stack_lvl de __warn+0x88/0xec __warn de warn_slowpath_fmt+0x7c/0xb0 warn_slowpath_fmt de rpi_firmware_property_list+0x204/0x22c rpi_firmware_property_list de rpi_firmware_property+0x68/0x8c rpi_firmware_property de rpi_firmware_set_power+0x54/0xc0 rpi_firmware_set_power de _genpd_power_off+0xe4/0x148 _genpd_power_off de genpd_sync_power_off+0x7c/0x11c genpd_sync_power_off de genpd_finish_suspend+0xcc/0xe0 genpd_finish_suspend de dpm_run_callback+0x78/0xd0 dpm_run_callback de device_suspend_noirq+0xc0/0x238 device_suspend_noirq de dpm_suspend_noirq+0xb0/0x168 dpm_suspend_noirq desde suspend_devices_and_enter+0x1b8/0x5ac suspend_devices_and_enter desde pm_suspend+0x254/0x2e4 pm_suspend desde state_store+0xa8/0xd4 state_store desde kernfs_fop_write_iter+0x154/0x1a0 kernfs_fop_write_iter desde vfs_write+0x12c/0x184 vfs_write desde ksys_write+0x78/0xc0 ksys_write desde ret_fast_syscall+0x0/0x54 Pila de excepciones (0xcc93dfa8 a 0xcc93dff0) [...] PM: suspensión noirq de dispositivos completada después de 3095,584 mseg

21 Oct 2024, 18:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-10-21 18:15

Updated : 2024-11-08 16:15


NVD link : CVE-2024-49963

Mitre link : CVE-2024-49963

CVE.ORG link : CVE-2024-49963


JSON object : View

Products Affected

linux

  • linux_kernel