| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2024092751-CVE-2024-46829-da70@gregkh> Date: Fri, 27 Sep 2024 14:39:57 +0200 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org> Subject: CVE-2024-46829: rtmutex: Drop rt_mutex::wait_lock before scheduling Description =========== In the Linux kernel, the following vulnerability has been resolved: rtmutex: Drop rt_mutex::wait_lock before scheduling rt_mutex_handle_deadlock() is called with rt_mutex::wait_lock held. In the good case it returns with the lock held and in the deadlock case it emits a warning and goes into an endless scheduling loop with the lock held, which triggers the 'scheduling in atomic' warning. Unlock rt_mutex::wait_lock in the dead lock case before issuing the warning and dropping into the schedule for ever loop. [ tglx: Moved unlock before the WARN(), removed the pointless comment, massaged changelog, added Fixes tag ] The Linux kernel CVE team has assigned CVE-2024-46829 to this issue. Affected and fixed versions =========================== Issue introduced in 3.16 with commit 3d5c9340d194 and fixed in 4.19.322 with commit 432efdbe7da5 Issue introduced in 3.16 with commit 3d5c9340d194 and fixed in 5.4.284 with commit 6a976e9a47e8 Issue introduced in 3.16 with commit 3d5c9340d194 and fixed in 5.10.226 with commit 1401da1486dc Issue introduced in 3.16 with commit 3d5c9340d194 and fixed in 5.15.167 with commit 93f44655472d Issue introduced in 3.16 with commit 3d5c9340d194 and fixed in 6.1.110 with commit a92d81c9efec Issue introduced in 3.16 with commit 3d5c9340d194 and fixed in 6.6.51 with commit 85f03ca98e07 Issue introduced in 3.16 with commit 3d5c9340d194 and fixed in 6.10.10 with commit f13b5afc5c48 Issue introduced in 3.16 with commit 3d5c9340d194 and fixed in 6.11 with commit d33d26036a02 Issue introduced in 3.2.61 with commit 95f9aded9436 Issue introduced in 3.4.99 with commit ea018da95368 Issue introduced in 3.10.49 with commit 1201613a70dd Issue introduced in 3.12.25 with commit a2e64fcdc83c Issue introduced in 3.14.10 with commit fb52f40e085e Issue introduced in 3.15.3 with commit 2b1f3807ed9c Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2024-46829 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: kernel/locking/rtmutex.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/432efdbe7da5ecfcbc0c2180cfdbab1441752a38 https://git.kernel.org/stable/c/6a976e9a47e8e5b326de671811561cab12e6fb1f https://git.kernel.org/stable/c/1401da1486dc1cdbef6025fd74a3977df3a3e5d0 https://git.kernel.org/stable/c/93f44655472d9cd418293d328f9d141ca234ad83 https://git.kernel.org/stable/c/a92d81c9efec9280681c27a2c0a963fd0f1338e0 https://git.kernel.org/stable/c/85f03ca98e07cd0786738b56ae73740bce0ac27f https://git.kernel.org/stable/c/f13b5afc5c4889569d84c3011ce449f61fccfb28 https://git.kernel.org/stable/c/d33d26036a0274b472299d7dcdaa5fb34329f91b
Powered by blists - more mailing lists