CVE-2024-26823 (GCVE-0-2024-26823)

Vulnerability from cvelistv5 – Published: 2024-04-17 09:43 – Updated: 2025-05-04 08:57
VLAI?
Summary
In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Restore quirk probing for ACPI-based systems While refactoring the way the ITSs are probed, the handling of quirks applicable to ACPI-based platforms was lost. As a result, systems such as HIP07 lose their GICv4 functionnality, and some other may even fail to boot, unless they are configured to boot with DT. Move the enabling of quirks into its_probe_one(), making it common to all firmware implementations.
Severity ?
No CVSS data available.
Assigner
References
Impacted products
Vendor Product Version
Linux Linux Affected: 9585a495ac936049dba141e8f9d99159ca06d46a , < 91a80fff3eeed928b6fba21271f6a9719b22a5d8 (git)
Affected: 9585a495ac936049dba141e8f9d99159ca06d46a , < 4c60c611441f1f1e5de8e00e98ee5a4970778a00 (git)
Affected: 9585a495ac936049dba141e8f9d99159ca06d46a , < 8b02da04ad978827e5ccd675acf170198f747a7a (git)
Create a notification for this product.
    Linux Linux Affected: 6.6
Unaffected: 0 , < 6.6 (semver)
Unaffected: 6.6.18 , ≤ 6.6.* (semver)
Unaffected: 6.7.6 , ≤ 6.7.* (semver)
Unaffected: 6.8 , ≤ * (original_commit_for_fix)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T00:14:13.578Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/91a80fff3eeed928b6fba21271f6a9719b22a5d8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4c60c611441f1f1e5de8e00e98ee5a4970778a00"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8b02da04ad978827e5ccd675acf170198f747a7a"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-26823",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:49:07.318138Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:32.102Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/irqchip/irq-gic-v3-its.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "91a80fff3eeed928b6fba21271f6a9719b22a5d8",
              "status": "affected",
              "version": "9585a495ac936049dba141e8f9d99159ca06d46a",
              "versionType": "git"
            },
            {
              "lessThan": "4c60c611441f1f1e5de8e00e98ee5a4970778a00",
              "status": "affected",
              "version": "9585a495ac936049dba141e8f9d99159ca06d46a",
              "versionType": "git"
            },
            {
              "lessThan": "8b02da04ad978827e5ccd675acf170198f747a7a",
              "status": "affected",
              "version": "9585a495ac936049dba141e8f9d99159ca06d46a",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/irqchip/irq-gic-v3-its.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.6"
            },
            {
              "lessThan": "6.6",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.18",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.7.*",
              "status": "unaffected",
              "version": "6.7.6",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.8",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.18",
                  "versionStartIncluding": "6.6",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.7.6",
                  "versionStartIncluding": "6.6",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.8",
                  "versionStartIncluding": "6.6",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nirqchip/gic-v3-its: Restore quirk probing for ACPI-based systems\n\nWhile refactoring the way the ITSs are probed, the handling of quirks\napplicable to ACPI-based platforms was lost. As a result, systems such as\nHIP07 lose their GICv4 functionnality, and some other may even fail to\nboot, unless they are configured to boot with DT.\n\nMove the enabling of quirks into its_probe_one(), making it common to all\nfirmware implementations."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-04T08:57:20.077Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/91a80fff3eeed928b6fba21271f6a9719b22a5d8"
        },
        {
          "url": "https://git.kernel.org/stable/c/4c60c611441f1f1e5de8e00e98ee5a4970778a00"
        },
        {
          "url": "https://git.kernel.org/stable/c/8b02da04ad978827e5ccd675acf170198f747a7a"
        }
      ],
      "title": "irqchip/gic-v3-its: Restore quirk probing for ACPI-based systems",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-26823",
    "datePublished": "2024-04-17T09:43:49.850Z",
    "dateReserved": "2024-02-19T14:20:24.180Z",
    "dateUpdated": "2025-05-04T08:57:20.077Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "descriptions": "[{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nirqchip/gic-v3-its: Restore quirk probing for ACPI-based systems\\n\\nWhile refactoring the way the ITSs are probed, the handling of quirks\\napplicable to ACPI-based platforms was lost. As a result, systems such as\\nHIP07 lose their GICv4 functionnality, and some other may even fail to\\nboot, unless they are configured to boot with DT.\\n\\nMove the enabling of quirks into its_probe_one(), making it common to all\\nfirmware implementations.\"}, {\"lang\": \"es\", \"value\": \"En el kernel de Linux, se resolvi\\u00f3 la siguiente vulnerabilidad: irqchip/gic-v3-its: restaurar el sondeo de peculiaridades para sistemas basados en ACPI Al refactorizar la forma en que se sondean los ITS, se perdi\\u00f3 el manejo de peculiaridades aplicables a plataformas basadas en ACPI. Como resultado, sistemas como HIP07 pierden su funcionalidad GICv4 y es posible que algunos otros incluso no arranquen, a menos que est\\u00e9n configurados para arrancar con DT. Mueva la habilitaci\\u00f3n de peculiaridades a its_probe_one(), haci\\u00e9ndola com\\u00fan a todas las implementaciones de firmware.\"}]",
      "id": "CVE-2024-26823",
      "lastModified": "2024-11-21T09:03:09.103",
      "published": "2024-04-17T10:15:09.027",
      "references": "[{\"url\": \"https://git.kernel.org/stable/c/4c60c611441f1f1e5de8e00e98ee5a4970778a00\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/8b02da04ad978827e5ccd675acf170198f747a7a\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/91a80fff3eeed928b6fba21271f6a9719b22a5d8\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/4c60c611441f1f1e5de8e00e98ee5a4970778a00\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://git.kernel.org/stable/c/8b02da04ad978827e5ccd675acf170198f747a7a\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://git.kernel.org/stable/c/91a80fff3eeed928b6fba21271f6a9719b22a5d8\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "vulnStatus": "Awaiting Analysis"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-26823\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-04-17T10:15:09.027\",\"lastModified\":\"2025-03-27T20:53:54.630\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nirqchip/gic-v3-its: Restore quirk probing for ACPI-based systems\\n\\nWhile refactoring the way the ITSs are probed, the handling of quirks\\napplicable to ACPI-based platforms was lost. As a result, systems such as\\nHIP07 lose their GICv4 functionnality, and some other may even fail to\\nboot, unless they are configured to boot with DT.\\n\\nMove the enabling of quirks into its_probe_one(), making it common to all\\nfirmware implementations.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: irqchip/gic-v3-its: restaurar el sondeo de peculiaridades para sistemas basados en ACPI Al refactorizar la forma en que se sondean los ITS, se perdi\u00f3 el manejo de peculiaridades aplicables a plataformas basadas en ACPI. Como resultado, sistemas como HIP07 pierden su funcionalidad GICv4 y es posible que algunos otros incluso no arranquen, a menos que est\u00e9n configurados para arrancar con DT. Mueva la habilitaci\u00f3n de peculiaridades a its_probe_one(), haci\u00e9ndola com\u00fan a todas las implementaciones de firmware.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.6\",\"versionEndExcluding\":\"6.6.18\",\"matchCriteriaId\":\"8ED485BB-BF8B-4D25-809B-B538663EA8D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.7\",\"versionEndExcluding\":\"6.7.6\",\"matchCriteriaId\":\"C6D6A5C8-7308-42A9-8A72-ABF3DEA4BB82\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9F4EA73-0894-400F-A490-3A397AB7A517\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"056BD938-0A27-4569-B391-30578B309EE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.8:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"F02056A5-B362-4370-9FF8-6F0BD384D520\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.8:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"62075ACE-B2A0-4B16-829D-B3DA5AE5CC41\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/4c60c611441f1f1e5de8e00e98ee5a4970778a00\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/8b02da04ad978827e5ccd675acf170198f747a7a\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/91a80fff3eeed928b6fba21271f6a9719b22a5d8\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/4c60c611441f1f1e5de8e00e98ee5a4970778a00\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/8b02da04ad978827e5ccd675acf170198f747a7a\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/91a80fff3eeed928b6fba21271f6a9719b22a5d8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://git.kernel.org/stable/c/91a80fff3eeed928b6fba21271f6a9719b22a5d8\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/4c60c611441f1f1e5de8e00e98ee5a4970778a00\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/8b02da04ad978827e5ccd675acf170198f747a7a\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T00:14:13.578Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-26823\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-10T15:49:07.318138Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-11T12:42:17.196Z\"}}], \"cna\": {\"title\": \"irqchip/gic-v3-its: Restore quirk probing for ACPI-based systems\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"9585a495ac936049dba141e8f9d99159ca06d46a\", \"lessThan\": \"91a80fff3eeed928b6fba21271f6a9719b22a5d8\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"9585a495ac936049dba141e8f9d99159ca06d46a\", \"lessThan\": \"4c60c611441f1f1e5de8e00e98ee5a4970778a00\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"9585a495ac936049dba141e8f9d99159ca06d46a\", \"lessThan\": \"8b02da04ad978827e5ccd675acf170198f747a7a\", \"versionType\": \"git\"}], \"programFiles\": [\"drivers/irqchip/irq-gic-v3-its.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.6\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"6.6\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"6.6.18\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.6.*\"}, {\"status\": \"unaffected\", \"version\": \"6.7.6\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.7.*\"}, {\"status\": \"unaffected\", \"version\": \"6.8\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"drivers/irqchip/irq-gic-v3-its.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/91a80fff3eeed928b6fba21271f6a9719b22a5d8\"}, {\"url\": \"https://git.kernel.org/stable/c/4c60c611441f1f1e5de8e00e98ee5a4970778a00\"}, {\"url\": \"https://git.kernel.org/stable/c/8b02da04ad978827e5ccd675acf170198f747a7a\"}], \"x_generator\": {\"engine\": \"bippy-5f407fcff5a0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nirqchip/gic-v3-its: Restore quirk probing for ACPI-based systems\\n\\nWhile refactoring the way the ITSs are probed, the handling of quirks\\napplicable to ACPI-based platforms was lost. As a result, systems such as\\nHIP07 lose their GICv4 functionnality, and some other may even fail to\\nboot, unless they are configured to boot with DT.\\n\\nMove the enabling of quirks into its_probe_one(), making it common to all\\nfirmware implementations.\"}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2024-12-19T08:48:08.421Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-26823\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-12-19T08:48:08.421Z\", \"dateReserved\": \"2024-02-19T14:20:24.180Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2024-04-17T09:43:49.850Z\", \"assignerShortName\": \"Linux\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.