| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2024050115-CVE-2024-27055-449e@gregkh>
Date: Wed, 1 May 2024 14:57:40 +0200
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: linux-cve-announce@...r.kernel.org
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Subject: CVE-2024-27055: workqueue: Don't call cpumask_test_cpu() with -1 CPU in wq_update_node_max_active()
Description
===========
In the Linux kernel, the following vulnerability has been resolved:
workqueue: Don't call cpumask_test_cpu() with -1 CPU in wq_update_node_max_active()
For wq_update_node_max_active(), @off_cpu of -1 indicates that no CPU is
going down. The function was incorrectly calling cpumask_test_cpu() with -1
CPU leading to oopses like the following on some archs:
Unable to handle kernel paging request at virtual address ffff0002100296e0
..
pc : wq_update_node_max_active+0x50/0x1fc
lr : wq_update_node_max_active+0x1f0/0x1fc
...
Call trace:
wq_update_node_max_active+0x50/0x1fc
apply_wqattrs_commit+0xf0/0x114
apply_workqueue_attrs_locked+0x58/0xa0
alloc_workqueue+0x5ac/0x774
workqueue_init_early+0x460/0x540
start_kernel+0x258/0x684
__primary_switched+0xb8/0xc0
Code: 9100a273 35000d01 53067f00 d0016dc1 (f8607a60)
---[ end trace 0000000000000000 ]---
Kernel panic - not syncing: Attempted to kill the idle task!
---[ end Kernel panic - not syncing: Attempted to kill the idle task! ]---
Fix it.
The Linux kernel CVE team has assigned CVE-2024-27055 to this issue.
Affected and fixed versions
===========================
Issue introduced in 6.6.23 with commit 5a70baec2294 and fixed in 6.6.25 with commit a75ac2693d73
Issue introduced in 6.8.2 with commit 843288afd3cc and fixed in 6.8.4 with commit adc646d21269
Please see https://www.kernel.org for a full list of currently supported
kernel versions by the kernel community.
Unaffected versions might change over time as fixes are backported to
older supported kernel versions. The official CVE entry at
https://cve.org/CVERecord/?id=CVE-2024-27055
will be updated if fixes are backported, please check that for the most
up to date information about this issue.
Affected files
==============
The file(s) affected by this issue are:
kernel/workqueue.c
Mitigation
==========
The Linux kernel CVE team recommends that you update to the latest
stable kernel version for this, and many other bugfixes. Individual
changes are never tested alone, but rather are part of a larger kernel
release. Cherry-picking individual commits is not recommended or
supported by the Linux kernel community at all. If however, updating to
the latest release is impossible, the individual changes to resolve this
issue can be found at these commits:
https://git.kernel.org/stable/c/7df62b8cca38aa452b508b477b16544cba615084
https://git.kernel.org/stable/c/a75ac2693d734d20724f0e10e039ca85f1fcfc4e
https://git.kernel.org/stable/c/38c19c44cc05ec1e84d2e31a9a289b83b6c7ec85
https://git.kernel.org/stable/c/9fc557d489f8163c1aabcb89114b8eba960f4097
https://git.kernel.org/stable/c/adc646d2126988a64234502f579e4bc2b080d7cf
https://git.kernel.org/stable/c/15930da42f8981dc42c19038042947b475b19f47
Powered by blists - more mailing lists