Message-ID: <2024090413-CVE-2024-44958-80e9@gregkh>
Date: Wed, 4 Sep 2024 20:36:18 +0200
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: linux-cve-announce@...r.kernel.org
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Subject: CVE-2024-44958: sched/smt: Fix unbalance sched_smt_present dec/inc

Description
===========

In the Linux kernel, the following vulnerability has been resolved:

sched/smt: Fix unbalance sched_smt_present dec/inc

I got the following warn report while doing stress test:

jump label: negative count!
WARNING: CPU: 3 PID: 38 at kernel/jump_label.c:263 static_key_slow_try_dec+0x9d/0xb0
Call Trace:
<TASK>
__static_key_slow_dec_cpuslocked+0x16/0x70
sched_cpu_deactivate+0x26e/0x2a0
cpuhp_invoke_callback+0x3ad/0x10d0
cpuhp_thread_fun+0x3f5/0x680
smpboot_thread_fn+0x56d/0x8d0
kthread+0x309/0x400
ret_from_fork+0x41/0x70
ret_from_fork_asm+0x1b/0x30
</TASK>

Because when cpuset_cpu_inactive() fails in sched_cpu_deactivate(),
the cpu offline failed, but sched_smt_present is decremented before
calling sched_cpu_deactivate(), it leads to unbalanced dec/inc, so
fix it by incrementing sched_smt_present in the error path.

The Linux kernel CVE team has assigned CVE-2024-44958 to this issue.

Affected and fixed versions
===========================

Issue introduced in 4.20 with commit c5511d03ec09 and fixed in 5.15.165 with commit 2a3548c7ef2e
Issue introduced in 4.20 with commit c5511d03ec09 and fixed in 6.1.105 with commit 2cf7665efe45
Issue introduced in 4.20 with commit c5511d03ec09 and fixed in 6.6.46 with commit 65727331b601
Issue introduced in 4.20 with commit c5511d03ec09 and fixed in 6.10.5 with commit d0c87a3c6be1
Issue introduced in 4.20 with commit c5511d03ec09 and fixed in 6.11-rc2 with commit e22f910a26cc
Issue introduced in 4.14.86 with commit 01659361c63f
Issue introduced in 4.19.7 with commit a2c094816f89

Please see https://www.kernel.org for a full list of currently supported
kernel versions by the kernel community.

Unaffected versions might change over time as fixes are backported to
older supported kernel versions. The official CVE entry at
https://cve.org/CVERecord/?id=CVE-2024-44958
will be updated if fixes are backported, please check that for the most
up to date information about this issue.

Affected files
==============

The file(s) affected by this issue are:
kernel/sched/core.c

Mitigation
==========

The Linux kernel CVE team recommends that you update to the latest
stable kernel version for this, and many other bugfixes. Individual
changes are never tested alone, but rather are part of a larger kernel
release. Cherry-picking individual commits is not recommended or
supported by the Linux kernel community at all. If however, updating to
the latest release is impossible, the individual changes to resolve this
issue can be found at these commits:
https://git.kernel.org/stable/c/2a3548c7ef2e135aee40e7e5e44e7d11b893e7c4
https://git.kernel.org/stable/c/2cf7665efe451e48d27953e6b5bc627d518c902b
https://git.kernel.org/stable/c/65727331b60197b742089855ac09464c22b96f66
https://git.kernel.org/stable/c/d0c87a3c6be10a57aa3463c32c3fc6b2a47c3dab
https://git.kernel.org/stable/c/e22f910a26cc2a3ac9c66b8e935ef2a7dd881117
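
An added triage example, not part of the original announcement or of the kernel project's code: a Python helper that classifies an upstream kernel.org version string against the versions listed under "Affected and fixed versions" above. It assumes unmodified kernel.org version numbers (vendor kernels may backport the fix without changing the number) and reflects only the versions on this page; the function and table names are hypothetical.

```python
import re

# Transcribed from the "Affected and fixed versions" section of this announcement.
FIXED = {(5, 15): 165, (6, 1): 105, (6, 6): 46, (6, 10): 5}  # branch -> first fixed patch
BACKPORTED_BUG = {(4, 14): 86, (4, 19): 7}  # branch -> first patch carrying the bug
INTRODUCED = (4, 20)    # mainline release that introduced the issue
MAINLINE_FIX = (6, 11)  # fixed in 6.11-rc2, so 6.11 final and later are fixed


def classify(release: str) -> str:
    """Return 'fixed', 'affected' or 'not-affected' for a kernel.org version.

    Assumption: the string is an upstream version such as '6.6.45' or
    '6.11-rc1'; any distro suffix after the numbers is ignored.
    """
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?(?:-rc(\d+))?", release)
    if not m:
        raise ValueError(f"unrecognised kernel release: {release!r}")
    branch = (int(m.group(1)), int(m.group(2)))
    patch = int(m.group(3) or 0)
    rc = int(m.group(4)) if m.group(4) else None

    # Older stable branches that received the introducing commit as a backport.
    if branch in BACKPORTED_BUG:
        return "affected" if patch >= BACKPORTED_BUG[branch] else "not-affected"
    if branch < INTRODUCED:
        return "not-affected"
    # Release candidates of the fixing mainline release: rc1 predates the fix.
    if branch == MAINLINE_FIX and rc is not None:
        return "fixed" if rc >= 2 else "affected"
    if branch >= MAINLINE_FIX:
        return "fixed"
    if branch in FIXED:
        return "fixed" if patch >= FIXED[branch] else "affected"
    # Any other branch from 4.20 up to 6.10 has no fixed release listed here.
    return "affected"


if __name__ == "__main__":
    # Constructed sample inventory, not taken from the announcement.
    for version in ["4.19.6", "5.10.200", "5.15.164", "6.6.46", "6.11-rc1"]:
        print(f"{version:10s} {classify(version)}")
```

A result of "affected" for a branch with no fixed release on this page means the version list here offers no fix for that branch, and the CVE record linked above is the place to check for later backports.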