CVE-2024-57949

Summary

In the Linux kernel, the following vulnerability has been resolved:

irqchip/gic-v3-its: Don't enable interrupts in its_irq_set_vcpu_affinity()

The following call-chain leads to enabling interrupts in a nested interrupt disabled section:

irq_set_vcpu_affinity() irq_get_desc_lock() raw_spin_lock_irqsave() <— Disable interrupts its_irq_set_vcpu_affinity() guard(raw_spinlock_irq) <— Enables interrupts when leaving the guard() irq_put_desc_unlock() <— Warns because interrupts are enabled

This was broken in commit b97e8a2f7130, which replaced the original raw_spin_[un]lock() pair with guard(raw_spinlock_irq).

Fix the issue by using guard(raw_spinlock).

[ tglx: Massaged change log ]

Affected Software

VendorProductVersion RangeStatus
LinuxLinux2458f2362f695584bd824c922caa07ffc4fe0d5c < d7b0e89610dd45ac6cf0d6f99bfa9ccc787db344affected
LinuxLinux5c0fb9cb404a2efbbc319ff9d1b877cf4e47e950 < 6c84ff2e788fce0099ee3e71a3ed258b1ca1a223affected
LinuxLinuxb97e8a2f7130a4b30d1502003095833d16c028b3 < 93955a7788121ab5a0f7f27e988b2ed1135a4866affected
LinuxLinuxb97e8a2f7130a4b30d1502003095833d16c028b3 < 35cb2c6ce7da545f3b5cb1e6473ad7c3a6f08310affected
LinuxLinuxc11039edbabdbccf0728844f1002d750d06f9effaffected
LinuxLinux6.1.95 < 6.1.127affected
LinuxLinux6.6.35 < 6.6.74affected
LinuxLinux6.9.6 < 6.10affected
LinuxLinux6.10affected
LinuxLinux0 < 6.10unaffected
LinuxLinux6.1.127 <= 6.1.*unaffected
LinuxLinux6.6.74 <= 6.6.*unaffected
LinuxLinux6.12.11 <= 6.12.*unaffected
LinuxLinux6.13 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References