| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025020928-CVE-2024-57949-1d60@gregkh>
Date: Sun, 9 Feb 2025 12:36:29 +0100
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: linux-cve-announce@...r.kernel.org
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Subject: CVE-2024-57949: irqchip/gic-v3-its: Don't enable interrupts in its_irq_set_vcpu_affinity()
Description
===========
In the Linux kernel, the following vulnerability has been resolved:
irqchip/gic-v3-its: Don't enable interrupts in its_irq_set_vcpu_affinity()
The following call-chain leads to enabling interrupts in a nested interrupt
disabled section:
irq_set_vcpu_affinity()
irq_get_desc_lock()
raw_spin_lock_irqsave() <--- Disable interrupts
its_irq_set_vcpu_affinity()
guard(raw_spinlock_irq) <--- Enables interrupts when leaving the guard()
irq_put_desc_unlock() <--- Warns because interrupts are enabled
This was broken in commit b97e8a2f7130, which replaced the original
raw_spin_[un]lock() pair with guard(raw_spinlock_irq).
Fix the issue by using guard(raw_spinlock).
[ tglx: Massaged change log ]
The Linux kernel CVE team has assigned CVE-2024-57949 to this issue.
Affected and fixed versions
===========================
Issue introduced in 6.1.95 with commit 2458f2362f695584bd824c922caa07ffc4fe0d5c and fixed in 6.1.127 with commit d7b0e89610dd45ac6cf0d6f99bfa9ccc787db344
Issue introduced in 6.6.35 with commit 5c0fb9cb404a2efbbc319ff9d1b877cf4e47e950 and fixed in 6.6.74 with commit 6c84ff2e788fce0099ee3e71a3ed258b1ca1a223
Issue introduced in 6.10 with commit b97e8a2f7130a4b30d1502003095833d16c028b3 and fixed in 6.12.11 with commit 93955a7788121ab5a0f7f27e988b2ed1135a4866
Issue introduced in 6.10 with commit b97e8a2f7130a4b30d1502003095833d16c028b3 and fixed in 6.13 with commit 35cb2c6ce7da545f3b5cb1e6473ad7c3a6f08310
Issue introduced in 6.9.6 with commit c11039edbabdbccf0728844f1002d750d06f9eff
Please see https://www.kernel.org for a full list of currently supported
kernel versions by the kernel community.
Unaffected versions might change over time as fixes are backported to
older supported kernel versions. The official CVE entry at
https://cve.org/CVERecord/?id=CVE-2024-57949
will be updated if fixes are backported, please check that for the most
up to date information about this issue.
Affected files
==============
The file(s) affected by this issue are:
drivers/irqchip/irq-gic-v3-its.c
Mitigation
==========
The Linux kernel CVE team recommends that you update to the latest
stable kernel version for this, and many other bugfixes. Individual
changes are never tested alone, but rather are part of a larger kernel
release. Cherry-picking individual commits is not recommended or
supported by the Linux kernel community at all. If however, updating to
the latest release is impossible, the individual changes to resolve this
issue can be found at these commits:
https://git.kernel.org/stable/c/d7b0e89610dd45ac6cf0d6f99bfa9ccc787db344
https://git.kernel.org/stable/c/6c84ff2e788fce0099ee3e71a3ed258b1ca1a223
https://git.kernel.org/stable/c/93955a7788121ab5a0f7f27e988b2ed1135a4866
https://git.kernel.org/stable/c/35cb2c6ce7da545f3b5cb1e6473ad7c3a6f08310
Powered by blists - more mailing lists