CVE-2024-50032

{"id": "CVE-2024-50032", "cveTags": [], "metrics": {}, "published": "2024-10-21T20:15:16.417", "references": [{"url": "https://git.kernel.org/stable/c/84a5feebba10354c683983f5f1372a144225e4c2", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/e66b1e01f2eb3209d08122572f41f7838b79540d", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/f7345ccc62a4b880cf76458db5f320725f28e400", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Received", "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nrcu/nocb: Fix rcuog wake-up from offline softirq\n\nAfter a CPU has set itself offline and before it eventually calls\nrcutree_report_cpu_dead(), there are still opportunities for callbacks\nto be enqueued, for example from a softirq. When that happens on NOCB,\nthe rcuog wake-up is deferred through an IPI to an online CPU in order\nnot to call into the scheduler and risk arming the RT-bandwidth after\nhrtimers have been migrated out and disabled.\n\nBut performing a synchronized IPI from a softirq is buggy as reported in\nthe following scenario:\n\n WARNING: CPU: 1 PID: 26 at kernel/smp.c:633 smp_call_function_single\n Modules linked in: rcutorture torture\n CPU: 1 UID: 0 PID: 26 Comm: migration/1 Not tainted 6.11.0-rc1-00012-g9139f93209d1 #1\n Stopper: multi_cpu_stop+0x0/0x320 <- __stop_cpus+0xd0/0x120\n RIP: 0010:smp_call_function_single\n <IRQ>\n swake_up_one_online\n __call_rcu_nocb_wake\n __call_rcu_common\n ? rcu_torture_one_read\n call_timer_fn\n __run_timers\n run_timer_softirq\n handle_softirqs\n irq_exit_rcu\n ? tick_handle_periodic\n sysvec_apic_timer_interrupt\n </IRQ>\n\nFix this with forcing deferred rcuog wake up through the NOCB timer when\nthe CPU is offline. The actual wake up will happen from\nrcutree_report_cpu_dead()."}], "lastModified": "2024-10-21T20:15:16.417", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}