CVE-2024-46832

Summary

In the Linux kernel, the following vulnerability has been resolved:

MIPS: cevt-r4k: Don't call get_c0_compare_int if timer irq is installed

This avoids warning:

[ 0.118053] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:283

Caused by get_c0_compare_int on secondary CPU.

We also skipped saving IRQ number to struct clock_event_device *cd as it's never used by clockevent core, as per comments it's only meant for "non CPU local devices".

Affected Software

VendorProductVersion RangeStatus
LinuxLinux38760d40ca61b18b2809e9c28df8b3ff9af8a02b < d3ff0f98a52f0aafe35aa314d1c442f4318be3dbaffected
LinuxLinux38760d40ca61b18b2809e9c28df8b3ff9af8a02b < e6cd871627abbb459d0ff6521d6bb9cf9d9f7522affected
LinuxLinux38760d40ca61b18b2809e9c28df8b3ff9af8a02b < b1d2051373bfc65371ce4ac8911ed984d0178c98affected
LinuxLinux38760d40ca61b18b2809e9c28df8b3ff9af8a02b < 32ee0520159f1e8c2d6597c19690df452c528f30affected
LinuxLinux38760d40ca61b18b2809e9c28df8b3ff9af8a02b < 189d3ed3b25beee26ffe2abed278208bece13f52affected
LinuxLinux38760d40ca61b18b2809e9c28df8b3ff9af8a02b < 50f2b98dc83de7809a5c5bf0ccf9af2e75c37c13affected
LinuxLinux2.6.24affected
LinuxLinux0 < 2.6.24unaffected
LinuxLinux5.10.226 <= 5.10.*unaffected
LinuxLinux5.15.167 <= 5.15.*unaffected
LinuxLinux6.1.110 <= 6.1.*unaffected
LinuxLinux6.6.51 <= 6.6.*unaffected
LinuxLinux6.10.10 <= 6.10.*unaffected
LinuxLinux6.11 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References