CVE-2024-26918 (GCVE-0-2024-26918)

Vulnerability from cvelistv5 – Published: 2024-04-17 15:59 – Updated: 2025-05-04 08:59
VLAI?
Summary
In the Linux kernel, the following vulnerability has been resolved: PCI: Fix active state requirement in PME polling The commit noted in fixes added a bogus requirement that runtime PM managed devices need to be in the RPM_ACTIVE state for PME polling. In fact, only devices in low power states should be polled. However there's still a requirement that the device config space must be accessible, which has implications for both the current state of the polled device and the parent bridge, when present. It's not sufficient to assume the bridge remains in D0 and cases have been observed where the bridge passes the D0 test, but the PM state indicates RPM_SUSPENDING and config space of the polled device becomes inaccessible during pci_pme_wakeup(). Therefore, since the bridge is already effectively required to be in the RPM_ACTIVE state, formalize this in the code and elevate the PM usage count to maintain the state while polling the subordinate device. This resolves a regression reported in the bugzilla below where a Thunderbolt/USB4 hierarchy fails to scan for an attached NVMe endpoint downstream of a bridge in a D3hot power state.
Severity ?
6.2 (Medium)
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE
Assigner
References
Impacted products
Vendor Product Version
Linux Linux Affected: d3fcd7360338358aa0036bec6d2cf0e37a0ca624 , < 63b1a3d9dd3b3f6d67f524e76270e66767090583 (git)
Affected: d3fcd7360338358aa0036bec6d2cf0e37a0ca624 , < a4f12e5cbac2865c151d1e97e36eb24205afb23b (git)
Affected: d3fcd7360338358aa0036bec6d2cf0e37a0ca624 , < 41044d5360685e78a869d40a168491a70cdb7e73 (git)
Create a notification for this product.
    Linux Linux Affected: 6.6
Unaffected: 0 , < 6.6 (semver)
Unaffected: 6.6.18 , ≤ 6.6.* (semver)
Unaffected: 6.7.6 , ≤ 6.7.* (semver)
Unaffected: 6.8 , ≤ * (original_commit_for_fix)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 6.2,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-26918",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-07T20:53:10.241105Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-04T18:41:33.301Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T00:21:05.864Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/63b1a3d9dd3b3f6d67f524e76270e66767090583"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a4f12e5cbac2865c151d1e97e36eb24205afb23b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/41044d5360685e78a869d40a168491a70cdb7e73"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/pci/pci.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "63b1a3d9dd3b3f6d67f524e76270e66767090583",
              "status": "affected",
              "version": "d3fcd7360338358aa0036bec6d2cf0e37a0ca624",
              "versionType": "git"
            },
            {
              "lessThan": "a4f12e5cbac2865c151d1e97e36eb24205afb23b",
              "status": "affected",
              "version": "d3fcd7360338358aa0036bec6d2cf0e37a0ca624",
              "versionType": "git"
            },
            {
              "lessThan": "41044d5360685e78a869d40a168491a70cdb7e73",
              "status": "affected",
              "version": "d3fcd7360338358aa0036bec6d2cf0e37a0ca624",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/pci/pci.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.6"
            },
            {
              "lessThan": "6.6",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.18",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.7.*",
              "status": "unaffected",
              "version": "6.7.6",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.8",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.18",
                  "versionStartIncluding": "6.6",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.7.6",
                  "versionStartIncluding": "6.6",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.8",
                  "versionStartIncluding": "6.6",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: Fix active state requirement in PME polling\n\nThe commit noted in fixes added a bogus requirement that runtime PM managed\ndevices need to be in the RPM_ACTIVE state for PME polling.  In fact, only\ndevices in low power states should be polled.\n\nHowever there\u0027s still a requirement that the device config space must be\naccessible, which has implications for both the current state of the polled\ndevice and the parent bridge, when present.  It\u0027s not sufficient to assume\nthe bridge remains in D0 and cases have been observed where the bridge\npasses the D0 test, but the PM state indicates RPM_SUSPENDING and config\nspace of the polled device becomes inaccessible during pci_pme_wakeup().\n\nTherefore, since the bridge is already effectively required to be in the\nRPM_ACTIVE state, formalize this in the code and elevate the PM usage count\nto maintain the state while polling the subordinate device.\n\nThis resolves a regression reported in the bugzilla below where a\nThunderbolt/USB4 hierarchy fails to scan for an attached NVMe endpoint\ndownstream of a bridge in a D3hot power state."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-04T08:59:40.562Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/63b1a3d9dd3b3f6d67f524e76270e66767090583"
        },
        {
          "url": "https://git.kernel.org/stable/c/a4f12e5cbac2865c151d1e97e36eb24205afb23b"
        },
        {
          "url": "https://git.kernel.org/stable/c/41044d5360685e78a869d40a168491a70cdb7e73"
        }
      ],
      "title": "PCI: Fix active state requirement in PME polling",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-26918",
    "datePublished": "2024-04-17T15:59:26.954Z",
    "dateReserved": "2024-02-19T14:20:24.193Z",
    "dateUpdated": "2025-05-04T08:59:40.562Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "descriptions": "[{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nPCI: Fix active state requirement in PME polling\\n\\nThe commit noted in fixes added a bogus requirement that runtime PM managed\\ndevices need to be in the RPM_ACTIVE state for PME polling.  In fact, only\\ndevices in low power states should be polled.\\n\\nHowever there\u0027s still a requirement that the device config space must be\\naccessible, which has implications for both the current state of the polled\\ndevice and the parent bridge, when present.  It\u0027s not sufficient to assume\\nthe bridge remains in D0 and cases have been observed where the bridge\\npasses the D0 test, but the PM state indicates RPM_SUSPENDING and config\\nspace of the polled device becomes inaccessible during pci_pme_wakeup().\\n\\nTherefore, since the bridge is already effectively required to be in the\\nRPM_ACTIVE state, formalize this in the code and elevate the PM usage count\\nto maintain the state while polling the subordinate device.\\n\\nThis resolves a regression reported in the bugzilla below where a\\nThunderbolt/USB4 hierarchy fails to scan for an attached NVMe endpoint\\ndownstream of a bridge in a D3hot power state.\"}, {\"lang\": \"es\", \"value\": \"En el kernel de Linux, se resolvi\\u00f3 la siguiente vulnerabilidad: PCI: corrige el requisito de estado activo en el sondeo de PME. La confirmaci\\u00f3n observada en las correcciones agreg\\u00f3 un requisito falso de que los dispositivos administrados por PM en tiempo de ejecuci\\u00f3n deben estar en el estado RPM_ACTIVE para el sondeo de PME. De hecho, s\\u00f3lo se deben sondear los dispositivos en estados de bajo consumo de energ\\u00eda. Sin embargo, todav\\u00eda existe el requisito de que se pueda acceder al espacio de configuraci\\u00f3n del dispositivo, lo que tiene implicaciones tanto para el estado actual del dispositivo sondeado como para el puente principal, cuando est\\u00e9 presente. No es suficiente asumir que el puente permanece en D0 y se han observado casos en los que el puente pasa la prueba D0, pero el estado PM indica RPM_SUSPENDING y el espacio de configuraci\\u00f3n del dispositivo sondeado se vuelve inaccesible durante pci_pme_wakeup(). Por lo tanto, dado que ya se requiere que el puente est\\u00e9 en el estado RPM_ACTIVE, formalice esto en el c\\u00f3digo y eleve el recuento de uso de PM para mantener el estado mientras se sondea el dispositivo subordinado. Esto resuelve una regresi\\u00f3n reportada en el bugzilla a continuaci\\u00f3n donde una jerarqu\\u00eda Thunderbolt/USB4 no puede buscar un endpoint NVMe conectado aguas abajo de un puente en un estado de energ\\u00eda D3hot.\"}]",
      "id": "CVE-2024-26918",
      "lastModified": "2024-11-21T09:03:22.790",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 6.2, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.5, \"impactScore\": 3.6}]}",
      "published": "2024-04-17T16:15:08.303",
      "references": "[{\"url\": \"https://git.kernel.org/stable/c/41044d5360685e78a869d40a168491a70cdb7e73\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/63b1a3d9dd3b3f6d67f524e76270e66767090583\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/a4f12e5cbac2865c151d1e97e36eb24205afb23b\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/41044d5360685e78a869d40a168491a70cdb7e73\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://git.kernel.org/stable/c/63b1a3d9dd3b3f6d67f524e76270e66767090583\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://git.kernel.org/stable/c/a4f12e5cbac2865c151d1e97e36eb24205afb23b\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "vulnStatus": "Awaiting Analysis"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-26918\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-04-17T16:15:08.303\",\"lastModified\":\"2025-09-16T16:30:48.713\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nPCI: Fix active state requirement in PME polling\\n\\nThe commit noted in fixes added a bogus requirement that runtime PM managed\\ndevices need to be in the RPM_ACTIVE state for PME polling.  In fact, only\\ndevices in low power states should be polled.\\n\\nHowever there\u0027s still a requirement that the device config space must be\\naccessible, which has implications for both the current state of the polled\\ndevice and the parent bridge, when present.  It\u0027s not sufficient to assume\\nthe bridge remains in D0 and cases have been observed where the bridge\\npasses the D0 test, but the PM state indicates RPM_SUSPENDING and config\\nspace of the polled device becomes inaccessible during pci_pme_wakeup().\\n\\nTherefore, since the bridge is already effectively required to be in the\\nRPM_ACTIVE state, formalize this in the code and elevate the PM usage count\\nto maintain the state while polling the subordinate device.\\n\\nThis resolves a regression reported in the bugzilla below where a\\nThunderbolt/USB4 hierarchy fails to scan for an attached NVMe endpoint\\ndownstream of a bridge in a D3hot power state.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: PCI: corrige el requisito de estado activo en el sondeo de PME. La confirmaci\u00f3n observada en las correcciones agreg\u00f3 un requisito falso de que los dispositivos administrados por PM en tiempo de ejecuci\u00f3n deben estar en el estado RPM_ACTIVE para el sondeo de PME. De hecho, s\u00f3lo se deben sondear los dispositivos en estados de bajo consumo de energ\u00eda. Sin embargo, todav\u00eda existe el requisito de que se pueda acceder al espacio de configuraci\u00f3n del dispositivo, lo que tiene implicaciones tanto para el estado actual del dispositivo sondeado como para el puente principal, cuando est\u00e9 presente. No es suficiente asumir que el puente permanece en D0 y se han observado casos en los que el puente pasa la prueba D0, pero el estado PM indica RPM_SUSPENDING y el espacio de configuraci\u00f3n del dispositivo sondeado se vuelve inaccesible durante pci_pme_wakeup(). Por lo tanto, dado que ya se requiere que el puente est\u00e9 en el estado RPM_ACTIVE, formalice esto en el c\u00f3digo y eleve el recuento de uso de PM para mantener el estado mientras se sondea el dispositivo subordinado. Esto resuelve una regresi\u00f3n reportada en el bugzilla a continuaci\u00f3n donde una jerarqu\u00eda Thunderbolt/USB4 no puede buscar un endpoint NVMe conectado aguas abajo de un puente en un estado de energ\u00eda D3hot.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":6.2,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.5,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.6\",\"versionEndExcluding\":\"6.6.18\",\"matchCriteriaId\":\"8ED485BB-BF8B-4D25-809B-B538663EA8D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.7\",\"versionEndExcluding\":\"6.7.6\",\"matchCriteriaId\":\"C6D6A5C8-7308-42A9-8A72-ABF3DEA4BB82\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9F4EA73-0894-400F-A490-3A397AB7A517\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"056BD938-0A27-4569-B391-30578B309EE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.8:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"F02056A5-B362-4370-9FF8-6F0BD384D520\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.8:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"62075ACE-B2A0-4B16-829D-B3DA5AE5CC41\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/41044d5360685e78a869d40a168491a70cdb7e73\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/63b1a3d9dd3b3f6d67f524e76270e66767090583\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/a4f12e5cbac2865c151d1e97e36eb24205afb23b\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/41044d5360685e78a869d40a168491a70cdb7e73\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/63b1a3d9dd3b3f6d67f524e76270e66767090583\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/a4f12e5cbac2865c151d1e97e36eb24205afb23b\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://git.kernel.org/stable/c/63b1a3d9dd3b3f6d67f524e76270e66767090583\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/a4f12e5cbac2865c151d1e97e36eb24205afb23b\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/41044d5360685e78a869d40a168491a70cdb7e73\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T00:21:05.864Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.2, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-26918\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-06-07T20:53:10.241105Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"description\": \"CWE-noinfo Not enough information\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-06-07T20:53:13.434Z\"}}], \"cna\": {\"title\": \"PCI: Fix active state requirement in PME polling\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"d3fcd7360338358aa0036bec6d2cf0e37a0ca624\", \"lessThan\": \"63b1a3d9dd3b3f6d67f524e76270e66767090583\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"d3fcd7360338358aa0036bec6d2cf0e37a0ca624\", \"lessThan\": \"a4f12e5cbac2865c151d1e97e36eb24205afb23b\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"d3fcd7360338358aa0036bec6d2cf0e37a0ca624\", \"lessThan\": \"41044d5360685e78a869d40a168491a70cdb7e73\", \"versionType\": \"git\"}], \"programFiles\": [\"drivers/pci/pci.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.6\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"6.6\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"6.6.18\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.6.*\"}, {\"status\": \"unaffected\", \"version\": \"6.7.6\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.7.*\"}, {\"status\": \"unaffected\", \"version\": \"6.8\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"drivers/pci/pci.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/63b1a3d9dd3b3f6d67f524e76270e66767090583\"}, {\"url\": \"https://git.kernel.org/stable/c/a4f12e5cbac2865c151d1e97e36eb24205afb23b\"}, {\"url\": \"https://git.kernel.org/stable/c/41044d5360685e78a869d40a168491a70cdb7e73\"}], \"x_generator\": {\"engine\": \"bippy-1.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nPCI: Fix active state requirement in PME polling\\n\\nThe commit noted in fixes added a bogus requirement that runtime PM managed\\ndevices need to be in the RPM_ACTIVE state for PME polling.  In fact, only\\ndevices in low power states should be polled.\\n\\nHowever there\u0027s still a requirement that the device config space must be\\naccessible, which has implications for both the current state of the polled\\ndevice and the parent bridge, when present.  It\u0027s not sufficient to assume\\nthe bridge remains in D0 and cases have been observed where the bridge\\npasses the D0 test, but the PM state indicates RPM_SUSPENDING and config\\nspace of the polled device becomes inaccessible during pci_pme_wakeup().\\n\\nTherefore, since the bridge is already effectively required to be in the\\nRPM_ACTIVE state, formalize this in the code and elevate the PM usage count\\nto maintain the state while polling the subordinate device.\\n\\nThis resolves a regression reported in the bugzilla below where a\\nThunderbolt/USB4 hierarchy fails to scan for an attached NVMe endpoint\\ndownstream of a bridge in a D3hot power state.\"}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.6.18\", \"versionStartIncluding\": \"6.6\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.7.6\", \"versionStartIncluding\": \"6.6\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.8\", \"versionStartIncluding\": \"6.6\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2025-05-04T08:59:40.562Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-26918\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-05-04T08:59:40.562Z\", \"dateReserved\": \"2024-02-19T14:20:24.193Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2024-04-17T15:59:26.954Z\", \"assignerShortName\": \"Linux\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.