CVE-2024-45029

Summary

In the Linux kernel, the following vulnerability has been resolved:

i2c: tegra: Do not mark ACPI devices as irq safe

On ACPI machines, the tegra i2c module encounters an issue due to a mutex being called inside a spinlock. This leads to the following bug:

BUG: sleeping function called from invalid context at kernel/locking/mutex.c:585
...

Call trace:
__might_sleep
__mutex_lock_common
mutex_lock_nested
acpi_subsys_runtime_resume
rpm_resume
tegra_i2c_xfer

The problem arises because during __pm_runtime_resume(), the spinlock &dev->power.lock is acquired before rpm_resume() is called. Later, rpm_resume() invokes acpi_subsys_runtime_resume(), which relies on mutexes, triggering the error.

To address this issue, devices on ACPI are now marked as not IRQ-safe, considering the dependency of acpi_subsys_runtime_resume() on mutexes.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxbd2fdedbf2bac27f4a2ac16b84ab9b9e5f67006c < a89aef1e6cc43fa019a58080ed05c839e6c77876affected
LinuxLinuxbd2fdedbf2bac27f4a2ac16b84ab9b9e5f67006c < 6861faf4232e4b78878f2de1ed3ee324ddae2287affected
LinuxLinuxbd2fdedbf2bac27f4a2ac16b84ab9b9e5f67006c < 2853e1376d8161b04c9ff18ba82b43f08a049905affected
LinuxLinuxbd2fdedbf2bac27f4a2ac16b84ab9b9e5f67006c < 14d069d92951a3e150c0a81f2ca3b93e54da913baffected
LinuxLinux5.17affected
LinuxLinux0 < 5.17unaffected
LinuxLinux6.1.107 <= 6.1.*unaffected
LinuxLinux6.6.48 <= 6.6.*unaffected
LinuxLinux6.10.7 <= 6.10.*unaffected
LinuxLinux6.11 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References