CVE-2024-49963

{"id": "CVE-2024-49963", "cveTags": [], "metrics": {}, "published": "2024-10-21T18:15:17.447", "references": [{"url": "https://git.kernel.org/stable/c/10a58555e0bb5cc4673c8bb73b8afc5fa651f0ac", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/32ee78823dea2d54adaf6e05f86622eba359e091", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/90320cfc07b7d6e7a58fd8168f6380ec52ff0251", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/dc09f007caed3b2f6a3b6bd7e13777557ae22bfd", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/df293ea78740a41384d648041f38f645700288e1", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/dfeb67b2194ecc55ef8065468c5adda3cdf59114", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/e65a9af05a0b59ebeba28e5e82265a233db7bc27", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Awaiting Analysis", "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmailbox: bcm2835: Fix timeout during suspend mode\n\nDuring noirq suspend phase the Raspberry Pi power driver suffer of\nfirmware property timeouts. The reason is that the IRQ of the underlying\nBCM2835 mailbox is disabled and rpi_firmware_property_list() will always\nrun into a timeout [1].\n\nSince the VideoCore side isn't consider as a wakeup source, set the\nIRQF_NO_SUSPEND flag for the mailbox IRQ in order to keep it enabled\nduring suspend-resume cycle.\n\n[1]\nPM: late suspend of devices complete after 1.754 msecs\nWARNING: CPU: 0 PID: 438 at drivers/firmware/raspberrypi.c:128\n rpi_firmware_property_list+0x204/0x22c\nFirmware transaction 0x00028001 timeout\nModules linked in:\nCPU: 0 PID: 438 Comm: bash Tainted: G C 6.9.3-dirty #17\nHardware name: BCM2835\nCall trace:\nunwind_backtrace from show_stack+0x18/0x1c\nshow_stack from dump_stack_lvl+0x34/0x44\ndump_stack_lvl from __warn+0x88/0xec\n__warn from warn_slowpath_fmt+0x7c/0xb0\nwarn_slowpath_fmt from rpi_firmware_property_list+0x204/0x22c\nrpi_firmware_property_list from rpi_firmware_property+0x68/0x8c\nrpi_firmware_property from rpi_firmware_set_power+0x54/0xc0\nrpi_firmware_set_power from _genpd_power_off+0xe4/0x148\n_genpd_power_off from genpd_sync_power_off+0x7c/0x11c\ngenpd_sync_power_off from genpd_finish_suspend+0xcc/0xe0\ngenpd_finish_suspend from dpm_run_callback+0x78/0xd0\ndpm_run_callback from device_suspend_noirq+0xc0/0x238\ndevice_suspend_noirq from dpm_suspend_noirq+0xb0/0x168\ndpm_suspend_noirq from suspend_devices_and_enter+0x1b8/0x5ac\nsuspend_devices_and_enter from pm_suspend+0x254/0x2e4\npm_suspend from state_store+0xa8/0xd4\nstate_store from kernfs_fop_write_iter+0x154/0x1a0\nkernfs_fop_write_iter from vfs_write+0x12c/0x184\nvfs_write from ksys_write+0x78/0xc0\nksys_write from ret_fast_syscall+0x0/0x54\nException stack(0xcc93dfa8 to 0xcc93dff0)\n[...]\nPM: noirq suspend of devices complete after 3095.584 msecs"}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mailbox: bcm2835: Fix timeout during suspend mode Durante la fase de suspensi\u00f3n de noirq, el controlador de energ\u00eda de Raspberry Pi sufre tiempos de espera de propiedad de firmware. La raz\u00f3n es que la IRQ del buz\u00f3n BCM2835 subyacente est\u00e1 deshabilitada y rpi_firmware_property_list() siempre se encontrar\u00e1 con un tiempo de espera [1]. Dado que el lado de VideoCore no se considera una fuente de reactivaci\u00f3n, configure el indicador IRQF_NO_SUSPEND para el IRQ del buz\u00f3n para mantenerlo habilitado durante el ciclo de suspensi\u00f3n-reanudaci\u00f3n. [1] PM: suspensi\u00f3n tard\u00eda de dispositivos completada despu\u00e9s de 1,754 msegs ADVERTENCIA: CPU: 0 PID: 438 en drivers/firmware/raspberrypi.c:128 rpi_firmware_property_list+0x204/0x22c Tiempo de espera de transacci\u00f3n de firmware 0x00028001 M\u00f3dulos vinculados: CPU: 0 PID: 438 Comm: bash Tainted: GC 6.9.3-dirty #17 Nombre del hardware: BCM2835 Rastreo de llamadas: unwind_backtrace de show_stack+0x18/0x1c show_stack de dump_stack_lvl+0x34/0x44 dump_stack_lvl de __warn+0x88/0xec __warn de warn_slowpath_fmt+0x7c/0xb0 warn_slowpath_fmt de rpi_firmware_property_list+0x204/0x22c rpi_firmware_property_list de rpi_firmware_property+0x68/0x8c rpi_firmware_property de rpi_firmware_set_power+0x54/0xc0 rpi_firmware_set_power de _genpd_power_off+0xe4/0x148 _genpd_power_off de genpd_sync_power_off+0x7c/0x11c genpd_sync_power_off de genpd_finish_suspend+0xcc/0xe0 genpd_finish_suspend de dpm_run_callback+0x78/0xd0 dpm_run_callback de device_suspend_noirq+0xc0/0x238 device_suspend_noirq de dpm_suspend_noirq+0xb0/0x168 dpm_suspend_noirq desde suspend_devices_and_enter+0x1b8/0x5ac suspend_devices_and_enter desde pm_suspend+0x254/0x2e4 pm_suspend desde state_store+0xa8/0xd4 state_store desde kernfs_fop_write_iter+0x154/0x1a0 kernfs_fop_write_iter desde vfs_write+0x12c/0x184 vfs_write desde ksys_write+0x78/0xc0 ksys_write desde ret_fast_syscall+0x0/0x54 Pila de excepciones (0xcc93dfa8 a 0xcc93dff0) [...] PM: suspensi\u00f3n noirq de dispositivos completada despu\u00e9s de 3095,584 mseg"}], "lastModified": "2024-10-23T15:13:25.583", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}