| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025011105-CVE-2024-57838-4111@gregkh> Date: Sat, 11 Jan 2025 15:09:05 +0100 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org> Subject: CVE-2024-57838: s390/entry: Mark IRQ entries to fix stack depot warnings Description =========== In the Linux kernel, the following vulnerability has been resolved: s390/entry: Mark IRQ entries to fix stack depot warnings The stack depot filters out everything outside of the top interrupt context as an uninteresting or irrelevant part of the stack traces. This helps with stack trace de-duplication, avoiding an explosion of saved stack traces that share the same IRQ context code path but originate from different randomly interrupted points, eventually exhausting the stack depot. Filtering uses in_irqentry_text() to identify functions within the .irqentry.text and .softirqentry.text sections, which then become the last stack trace entries being saved. While __do_softirq() is placed into the .softirqentry.text section by common code, populating .irqentry.text is architecture-specific. Currently, the .irqentry.text section on s390 is empty, which prevents stack depot filtering and de-duplication and could result in warnings like: Stack depot reached limit capacity WARNING: CPU: 0 PID: 286113 at lib/stackdepot.c:252 depot_alloc_stack+0x39a/0x3c8 with PREEMPT and KASAN enabled. Fix this by moving the IO/EXT interrupt handlers from .kprobes.text into the .irqentry.text section and updating the kprobes blacklist to include the .irqentry.text section. This is done only for asynchronous interrupts and explicitly not for program checks, which are synchronous and where the context beyond the program check is important to preserve. Despite machine checks being somewhat in between, they are extremely rare, and preserving context when possible is also of value. SVCs and Restart Interrupts are not relevant, one being always at the boundary to user space and the other being a one-time thing. IRQ entries filtering is also optionally used in ftrace function graph, where the same logic applies. The Linux kernel CVE team has assigned CVE-2024-57838 to this issue. Affected and fixed versions =========================== Fixed in 5.15.174 with commit ca687fdce5b95f84d91d6e36ac77047771eb3dfc Fixed in 6.1.120 with commit 5bb7a2c3afcf8732dc65ea49c09147b07da1d993 Fixed in 6.6.64 with commit 1af22528fee8072b7adc007b8ca49cc4ea62689e Fixed in 6.12.4 with commit 473ffae3030188f1c6b80e1b3631a26b4adf7b32 Fixed in 6.13-rc1 with commit 45c9f2b856a075a34873d00788d2e8a250c1effd Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2024-57838 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: arch/s390/kernel/entry.S arch/s390/kernel/kprobes.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/ca687fdce5b95f84d91d6e36ac77047771eb3dfc https://git.kernel.org/stable/c/5bb7a2c3afcf8732dc65ea49c09147b07da1d993 https://git.kernel.org/stable/c/1af22528fee8072b7adc007b8ca49cc4ea62689e https://git.kernel.org/stable/c/473ffae3030188f1c6b80e1b3631a26b4adf7b32 https://git.kernel.org/stable/c/45c9f2b856a075a34873d00788d2e8a250c1effd
Powered by blists - more mailing lists