Message-ID: <2024081733-CVE-2024-43851-26f9@gregkh>
Date: Sat, 17 Aug 2024 11:22:55 +0200
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: linux-cve-announce@...r.kernel.org
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Subject: CVE-2024-43851: soc: xilinx: rename cpu_number1 to dummy_cpu_number

Description
===========

In the Linux kernel, the following vulnerability has been resolved:

soc: xilinx: rename cpu_number1 to dummy_cpu_number

The per cpu variable cpu_number1 is passed to xlnx_event_handler as
argument "dev_id", but it is not used in this function. So drop the
initialization of this variable and rename it to dummy_cpu_number.
This patch is to fix the following call trace when the kernel option
CONFIG_DEBUG_ATOMIC_SLEEP is enabled:

BUG: sleeping function called from invalid context at include/linux/sched/mm.h:274
    in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 1, name: swapper/0
    preempt_count: 1, expected: 0
    CPU: 0 PID: 1 Comm: swapper/0 Not tainted 6.1.0 #53
    Hardware name: Xilinx Versal vmk180 Eval board rev1.1 (QSPI) (DT)
    Call trace:
     dump_backtrace+0xd0/0xe0
     show_stack+0x18/0x40
     dump_stack_lvl+0x7c/0xa0
     dump_stack+0x18/0x34
     __might_resched+0x10c/0x140
     __might_sleep+0x4c/0xa0
     __kmem_cache_alloc_node+0xf4/0x168
     kmalloc_trace+0x28/0x38
     __request_percpu_irq+0x74/0x138
     xlnx_event_manager_probe+0xf8/0x298
     platform_probe+0x68/0xd8

The Linux kernel CVE team has assigned CVE-2024-43851 to this issue.


Affected and fixed versions
===========================

	Issue introduced in 6.1.77 with commit 01946c3c83b2 and fixed in 6.1.103 with commit a5e507fadab7
	Issue introduced in 6.6.16 with commit 4722924e7a62 and fixed in 6.6.44 with commit a96e60a6ea68
	Issue introduced in 6.8 with commit daed80ed0758 and fixed in 6.10.3 with commit f762acdaff9e
	Issue introduced in 6.8 with commit daed80ed0758 and fixed in 6.11-rc1 with commit 4a95449dd975
	Issue introduced in 6.7.4 with commit 548bdbbdcd35

Please see https://www.kernel.org for a full list of currently supported
kernel versions by the kernel community.

Unaffected versions might change over time as fixes are backported to
older supported kernel versions.  The official CVE entry at
	https://cve.org/CVERecord/?id=CVE-2024-43851
will be updated if fixes are backported, please check that for the most
up to date information about this issue.


Affected files
==============

The file(s) affected by this issue are:
	drivers/soc/xilinx/xlnx_event_manager.c


Mitigation
==========

The Linux kernel CVE team recommends that you update to the latest
stable kernel version for this, and many other bugfixes.  Individual
changes are never tested alone, but rather are part of a larger kernel
release.  Cherry-picking individual commits is not recommended or
supported by the Linux kernel community at all.  If however, updating to
the latest release is impossible, the individual changes to resolve this
issue can be found at these commits:
	https://git.kernel.org/stable/c/a5e507fadab76393cbc12344ebd65a417a09aa46
	https://git.kernel.org/stable/c/a96e60a6ea6818fd37b1853283a512c49af38cf5
	https://git.kernel.org/stable/c/f762acdaff9e54688be16e6c832c73a61533c1df
	https://git.kernel.org/stable/c/4a95449dd975e2ea6629a034f3e74b46c9634916
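
An added example (not part of the advisory or of any kernel.org tooling): a Python check that reads the "Affected and fixed versions" lines above and decides whether an upstream kernel release string falls inside an affected range. It assumes that a two-component version such as 6.8 or 6.11-rc1 denotes a mainline release whose state carries into every later branch, and that the kernel is an unmodified kernel.org build (vendor kernels may carry backports). The function names are illustrative.

```python
import re

# The "Affected and fixed versions" lines, copied from the advisory above.
ADVISORY = """\
Issue introduced in 6.1.77 with commit 01946c3c83b2 and fixed in 6.1.103 with commit a5e507fadab7
Issue introduced in 6.6.16 with commit 4722924e7a62 and fixed in 6.6.44 with commit a96e60a6ea68
Issue introduced in 6.8 with commit daed80ed0758 and fixed in 6.10.3 with commit f762acdaff9e
Issue introduced in 6.8 with commit daed80ed0758 and fixed in 6.11-rc1 with commit 4a95449dd975
Issue introduced in 6.7.4 with commit 548bdbbdcd35
"""

VER = re.compile(r"(\d+)\.(\d+)(?:\.(\d+))?")
LINE = re.compile(
    r"introduced in (\S+) with commit \w+(?: and fixed in (\S+) with commit \w+)?")

def parse_version(text):
    """Return ((major, minor, patch), is_mainline) for '6.8', '6.1.77',
    '6.11-rc1' or a `uname -r` string such as '6.1.90-yocto-standard'."""
    m = VER.match(text)
    if not m:
        raise ValueError("not a kernel version: %r" % text)
    major, minor, patch = m.groups()
    # Assumption: no patch component means a mainline release (or its -rc).
    return (int(major), int(minor), int(patch or 0)), patch is None

def parse_ranges(advisory):
    """Collect the introduction points and fix points listed in the advisory."""
    intros, fixes = set(), set()
    for intro, fix in LINE.findall(advisory):
        intros.add(parse_version(intro))
        if fix:  # the 6.7.4 entry lists no fixed version
            fixes.add(parse_version(fix))
    return intros, fixes

def reaches(points, version):
    """True if some point is not newer than `version` and is either a mainline
    release (inherited by later branches) or on the same stable branch."""
    return any(p <= version and (mainline or p[:2] == version[:2])
               for p, mainline in points)

def is_affected(release, advisory=ADVISORY):
    """Affected: the bug was introduced at or before `release`, and no listed
    fix applies to it."""
    version, _ = parse_version(release)
    intros, fixes = parse_ranges(advisory)
    return reaches(intros, version) and not reaches(fixes, version)

if __name__ == "__main__":
    for rel in ("6.1.76", "6.1.90-yocto-standard", "6.6.44", "6.9.12", "6.10.3"):
        print(rel, "affected" if is_affected(rel) else "not affected")
```

A positive result only matters on systems that build drivers/soc/xilinx/xlnx_event_manager.c, and the ranges should be re-read from the CVE record when fixes are backported.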
