cve-2024-35907
Vulnerability from cvelistv5
Published
2024-05-19 08:35
Modified
2024-12-19 08:58
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: mlxbf_gige: call request_irq() after NAPI initialized The mlxbf_gige driver encounters a NULL pointer exception in mlxbf_gige_open() when kdump is enabled. The sequence to reproduce the exception is as follows: a) enable kdump b) trigger kdump via "echo c > /proc/sysrq-trigger" c) kdump kernel executes d) kdump kernel loads mlxbf_gige module e) the mlxbf_gige module runs its open() as the the "oob_net0" interface is brought up f) mlxbf_gige module will experience an exception during its open(), something like: Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000 Mem abort info: ESR = 0x0000000086000004 EC = 0x21: IABT (current EL), IL = 32 bits SET = 0, FnV = 0 EA = 0, S1PTW = 0 FSC = 0x04: level 0 translation fault user pgtable: 4k pages, 48-bit VAs, pgdp=00000000e29a4000 [0000000000000000] pgd=0000000000000000, p4d=0000000000000000 Internal error: Oops: 0000000086000004 [#1] SMP CPU: 0 PID: 812 Comm: NetworkManager Tainted: G OE 5.15.0-1035-bluefield #37-Ubuntu Hardware name: https://www.mellanox.com BlueField-3 SmartNIC Main Card/BlueField-3 SmartNIC Main Card, BIOS 4.6.0.13024 Jan 19 2024 pstate: 80400009 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : 0x0 lr : __napi_poll+0x40/0x230 sp : ffff800008003e00 x29: ffff800008003e00 x28: 0000000000000000 x27: 00000000ffffffff x26: ffff000066027238 x25: ffff00007cedec00 x24: ffff800008003ec8 x23: 000000000000012c x22: ffff800008003eb7 x21: 0000000000000000 x20: 0000000000000001 x19: ffff000066027238 x18: 0000000000000000 x17: ffff578fcb450000 x16: ffffa870b083c7c0 x15: 0000aaab010441d0 x14: 0000000000000001 x13: 00726f7272655f65 x12: 6769675f6662786c x11: 0000000000000000 x10: 0000000000000000 x9 : ffffa870b0842398 x8 : 0000000000000004 x7 : fe5a48b9069706ea x6 : 17fdb11fc84ae0d2 x5 : d94a82549d594f35 x4 : 0000000000000000 x3 : 0000000000400100 x2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff000066027238 Call trace: 0x0 net_rx_action+0x178/0x360 __do_softirq+0x15c/0x428 __irq_exit_rcu+0xac/0xec irq_exit+0x18/0x2c handle_domain_irq+0x6c/0xa0 gic_handle_irq+0xec/0x1b0 call_on_irq_stack+0x20/0x2c do_interrupt_handler+0x5c/0x70 el1_interrupt+0x30/0x50 el1h_64_irq_handler+0x18/0x2c el1h_64_irq+0x7c/0x80 __setup_irq+0x4c0/0x950 request_threaded_irq+0xf4/0x1bc mlxbf_gige_request_irqs+0x68/0x110 [mlxbf_gige] mlxbf_gige_open+0x5c/0x170 [mlxbf_gige] __dev_open+0x100/0x220 __dev_change_flags+0x16c/0x1f0 dev_change_flags+0x2c/0x70 do_setlink+0x220/0xa40 __rtnl_newlink+0x56c/0x8a0 rtnl_newlink+0x58/0x84 rtnetlink_rcv_msg+0x138/0x3c4 netlink_rcv_skb+0x64/0x130 rtnetlink_rcv+0x20/0x30 netlink_unicast+0x2ec/0x360 netlink_sendmsg+0x278/0x490 __sock_sendmsg+0x5c/0x6c ____sys_sendmsg+0x290/0x2d4 ___sys_sendmsg+0x84/0xd0 __sys_sendmsg+0x70/0xd0 __arm64_sys_sendmsg+0x2c/0x40 invoke_syscall+0x78/0x100 el0_svc_common.constprop.0+0x54/0x184 do_el0_svc+0x30/0xac el0_svc+0x48/0x160 el0t_64_sync_handler+0xa4/0x12c el0t_64_sync+0x1a4/0x1a8 Code: bad PC value ---[ end trace 7d1c3f3bf9d81885 ]--- Kernel panic - not syncing: Oops: Fatal exception in interrupt Kernel Offset: 0x2870a7a00000 from 0xffff800008000000 PHYS_OFFSET: 0x80000000 CPU features: 0x0,000005c1,a3332a5a Memory Limit: none ---[ end Kernel panic - not syncing: Oops: Fatal exception in interrupt ]--- The exception happens because there is a pending RX interrupt before the call to request_irq(RX IRQ) executes. Then, the RX IRQ handler fires immediately after this request_irq() completes. The ---truncated---
Impacted products
Vendor Product Version
Linux Linux Version: 5.14
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-35907",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-17T17:38:42.531045Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-17T17:41:26.881Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T03:21:48.853Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a583117668ddb86e98f2e11c7caa3db0e6df52a3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/24444af5ddf729376b90db0f135fa19973cb5dab"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/867a2f598af6a645c865d1101b58c5e070c6dd9e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8feb1652afe9c5d019059a55c90f70690dce0f52"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f7442a634ac06b953fc1f7418f307b25acd4cfbc"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/mellanox/mlxbf_gige/mlxbf_gige_main.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "a583117668ddb86e98f2e11c7caa3db0e6df52a3",
              "status": "affected",
              "version": "f92e1869d74e1acc6551256eb084a1c14a054e19",
              "versionType": "git"
            },
            {
              "lessThan": "24444af5ddf729376b90db0f135fa19973cb5dab",
              "status": "affected",
              "version": "f92e1869d74e1acc6551256eb084a1c14a054e19",
              "versionType": "git"
            },
            {
              "lessThan": "867a2f598af6a645c865d1101b58c5e070c6dd9e",
              "status": "affected",
              "version": "f92e1869d74e1acc6551256eb084a1c14a054e19",
              "versionType": "git"
            },
            {
              "lessThan": "8feb1652afe9c5d019059a55c90f70690dce0f52",
              "status": "affected",
              "version": "f92e1869d74e1acc6551256eb084a1c14a054e19",
              "versionType": "git"
            },
            {
              "lessThan": "f7442a634ac06b953fc1f7418f307b25acd4cfbc",
              "status": "affected",
              "version": "f92e1869d74e1acc6551256eb084a1c14a054e19",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/mellanox/mlxbf_gige/mlxbf_gige_main.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.14"
            },
            {
              "lessThan": "5.14",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.154",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.85",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.26",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.8.*",
              "status": "unaffected",
              "version": "6.8.5",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.9",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmlxbf_gige: call request_irq() after NAPI initialized\n\nThe mlxbf_gige driver encounters a NULL pointer exception in\nmlxbf_gige_open() when kdump is enabled.  The sequence to reproduce\nthe exception is as follows:\na) enable kdump\nb) trigger kdump via \"echo c \u003e /proc/sysrq-trigger\"\nc) kdump kernel executes\nd) kdump kernel loads mlxbf_gige module\ne) the mlxbf_gige module runs its open() as the\n   the \"oob_net0\" interface is brought up\nf) mlxbf_gige module will experience an exception\n   during its open(), something like:\n\n     Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000\n     Mem abort info:\n       ESR = 0x0000000086000004\n       EC = 0x21: IABT (current EL), IL = 32 bits\n       SET = 0, FnV = 0\n       EA = 0, S1PTW = 0\n       FSC = 0x04: level 0 translation fault\n     user pgtable: 4k pages, 48-bit VAs, pgdp=00000000e29a4000\n     [0000000000000000] pgd=0000000000000000, p4d=0000000000000000\n     Internal error: Oops: 0000000086000004 [#1] SMP\n     CPU: 0 PID: 812 Comm: NetworkManager Tainted: G           OE     5.15.0-1035-bluefield #37-Ubuntu\n     Hardware name: https://www.mellanox.com BlueField-3 SmartNIC Main Card/BlueField-3 SmartNIC Main Card, BIOS 4.6.0.13024 Jan 19 2024\n     pstate: 80400009 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n     pc : 0x0\n     lr : __napi_poll+0x40/0x230\n     sp : ffff800008003e00\n     x29: ffff800008003e00 x28: 0000000000000000 x27: 00000000ffffffff\n     x26: ffff000066027238 x25: ffff00007cedec00 x24: ffff800008003ec8\n     x23: 000000000000012c x22: ffff800008003eb7 x21: 0000000000000000\n     x20: 0000000000000001 x19: ffff000066027238 x18: 0000000000000000\n     x17: ffff578fcb450000 x16: ffffa870b083c7c0 x15: 0000aaab010441d0\n     x14: 0000000000000001 x13: 00726f7272655f65 x12: 6769675f6662786c\n     x11: 0000000000000000 x10: 0000000000000000 x9 : ffffa870b0842398\n     x8 : 0000000000000004 x7 : fe5a48b9069706ea x6 : 17fdb11fc84ae0d2\n     x5 : d94a82549d594f35 x4 : 0000000000000000 x3 : 0000000000400100\n     x2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff000066027238\n     Call trace:\n      0x0\n      net_rx_action+0x178/0x360\n      __do_softirq+0x15c/0x428\n      __irq_exit_rcu+0xac/0xec\n      irq_exit+0x18/0x2c\n      handle_domain_irq+0x6c/0xa0\n      gic_handle_irq+0xec/0x1b0\n      call_on_irq_stack+0x20/0x2c\n      do_interrupt_handler+0x5c/0x70\n      el1_interrupt+0x30/0x50\n      el1h_64_irq_handler+0x18/0x2c\n      el1h_64_irq+0x7c/0x80\n      __setup_irq+0x4c0/0x950\n      request_threaded_irq+0xf4/0x1bc\n      mlxbf_gige_request_irqs+0x68/0x110 [mlxbf_gige]\n      mlxbf_gige_open+0x5c/0x170 [mlxbf_gige]\n      __dev_open+0x100/0x220\n      __dev_change_flags+0x16c/0x1f0\n      dev_change_flags+0x2c/0x70\n      do_setlink+0x220/0xa40\n      __rtnl_newlink+0x56c/0x8a0\n      rtnl_newlink+0x58/0x84\n      rtnetlink_rcv_msg+0x138/0x3c4\n      netlink_rcv_skb+0x64/0x130\n      rtnetlink_rcv+0x20/0x30\n      netlink_unicast+0x2ec/0x360\n      netlink_sendmsg+0x278/0x490\n      __sock_sendmsg+0x5c/0x6c\n      ____sys_sendmsg+0x290/0x2d4\n      ___sys_sendmsg+0x84/0xd0\n      __sys_sendmsg+0x70/0xd0\n      __arm64_sys_sendmsg+0x2c/0x40\n      invoke_syscall+0x78/0x100\n      el0_svc_common.constprop.0+0x54/0x184\n      do_el0_svc+0x30/0xac\n      el0_svc+0x48/0x160\n      el0t_64_sync_handler+0xa4/0x12c\n      el0t_64_sync+0x1a4/0x1a8\n     Code: bad PC value\n     ---[ end trace 7d1c3f3bf9d81885 ]---\n     Kernel panic - not syncing: Oops: Fatal exception in interrupt\n     Kernel Offset: 0x2870a7a00000 from 0xffff800008000000\n     PHYS_OFFSET: 0x80000000\n     CPU features: 0x0,000005c1,a3332a5a\n     Memory Limit: none\n     ---[ end Kernel panic - not syncing: Oops: Fatal exception in interrupt ]---\n\nThe exception happens because there is a pending RX interrupt before the\ncall to request_irq(RX IRQ) executes.  Then, the RX IRQ handler fires\nimmediately after this request_irq() completes. The\n---truncated---"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-12-19T08:58:00.492Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/a583117668ddb86e98f2e11c7caa3db0e6df52a3"
        },
        {
          "url": "https://git.kernel.org/stable/c/24444af5ddf729376b90db0f135fa19973cb5dab"
        },
        {
          "url": "https://git.kernel.org/stable/c/867a2f598af6a645c865d1101b58c5e070c6dd9e"
        },
        {
          "url": "https://git.kernel.org/stable/c/8feb1652afe9c5d019059a55c90f70690dce0f52"
        },
        {
          "url": "https://git.kernel.org/stable/c/f7442a634ac06b953fc1f7418f307b25acd4cfbc"
        }
      ],
      "title": "mlxbf_gige: call request_irq() after NAPI initialized",
      "x_generator": {
        "engine": "bippy-5f407fcff5a0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-35907",
    "datePublished": "2024-05-19T08:35:00.399Z",
    "dateReserved": "2024-05-17T13:50:33.120Z",
    "dateUpdated": "2024-12-19T08:58:00.492Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-35907\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-05-19T09:15:11.400\",\"lastModified\":\"2024-11-21T09:21:10.560\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nmlxbf_gige: call request_irq() after NAPI initialized\\n\\nThe mlxbf_gige driver encounters a NULL pointer exception in\\nmlxbf_gige_open() when kdump is enabled.  The sequence to reproduce\\nthe exception is as follows:\\na) enable kdump\\nb) trigger kdump via \\\"echo c \u003e /proc/sysrq-trigger\\\"\\nc) kdump kernel executes\\nd) kdump kernel loads mlxbf_gige module\\ne) the mlxbf_gige module runs its open() as the\\n   the \\\"oob_net0\\\" interface is brought up\\nf) mlxbf_gige module will experience an exception\\n   during its open(), something like:\\n\\n     Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000\\n     Mem abort info:\\n       ESR = 0x0000000086000004\\n       EC = 0x21: IABT (current EL), IL = 32 bits\\n       SET = 0, FnV = 0\\n       EA = 0, S1PTW = 0\\n       FSC = 0x04: level 0 translation fault\\n     user pgtable: 4k pages, 48-bit VAs, pgdp=00000000e29a4000\\n     [0000000000000000] pgd=0000000000000000, p4d=0000000000000000\\n     Internal error: Oops: 0000000086000004 [#1] SMP\\n     CPU: 0 PID: 812 Comm: NetworkManager Tainted: G           OE     5.15.0-1035-bluefield #37-Ubuntu\\n     Hardware name: https://www.mellanox.com BlueField-3 SmartNIC Main Card/BlueField-3 SmartNIC Main Card, BIOS 4.6.0.13024 Jan 19 2024\\n     pstate: 80400009 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\\n     pc : 0x0\\n     lr : __napi_poll+0x40/0x230\\n     sp : ffff800008003e00\\n     x29: ffff800008003e00 x28: 0000000000000000 x27: 00000000ffffffff\\n     x26: ffff000066027238 x25: ffff00007cedec00 x24: ffff800008003ec8\\n     x23: 000000000000012c x22: ffff800008003eb7 x21: 0000000000000000\\n     x20: 0000000000000001 x19: ffff000066027238 x18: 0000000000000000\\n     x17: ffff578fcb450000 x16: ffffa870b083c7c0 x15: 0000aaab010441d0\\n     x14: 0000000000000001 x13: 00726f7272655f65 x12: 6769675f6662786c\\n     x11: 0000000000000000 x10: 0000000000000000 x9 : ffffa870b0842398\\n     x8 : 0000000000000004 x7 : fe5a48b9069706ea x6 : 17fdb11fc84ae0d2\\n     x5 : d94a82549d594f35 x4 : 0000000000000000 x3 : 0000000000400100\\n     x2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff000066027238\\n     Call trace:\\n      0x0\\n      net_rx_action+0x178/0x360\\n      __do_softirq+0x15c/0x428\\n      __irq_exit_rcu+0xac/0xec\\n      irq_exit+0x18/0x2c\\n      handle_domain_irq+0x6c/0xa0\\n      gic_handle_irq+0xec/0x1b0\\n      call_on_irq_stack+0x20/0x2c\\n      do_interrupt_handler+0x5c/0x70\\n      el1_interrupt+0x30/0x50\\n      el1h_64_irq_handler+0x18/0x2c\\n      el1h_64_irq+0x7c/0x80\\n      __setup_irq+0x4c0/0x950\\n      request_threaded_irq+0xf4/0x1bc\\n      mlxbf_gige_request_irqs+0x68/0x110 [mlxbf_gige]\\n      mlxbf_gige_open+0x5c/0x170 [mlxbf_gige]\\n      __dev_open+0x100/0x220\\n      __dev_change_flags+0x16c/0x1f0\\n      dev_change_flags+0x2c/0x70\\n      do_setlink+0x220/0xa40\\n      __rtnl_newlink+0x56c/0x8a0\\n      rtnl_newlink+0x58/0x84\\n      rtnetlink_rcv_msg+0x138/0x3c4\\n      netlink_rcv_skb+0x64/0x130\\n      rtnetlink_rcv+0x20/0x30\\n      netlink_unicast+0x2ec/0x360\\n      netlink_sendmsg+0x278/0x490\\n      __sock_sendmsg+0x5c/0x6c\\n      ____sys_sendmsg+0x290/0x2d4\\n      ___sys_sendmsg+0x84/0xd0\\n      __sys_sendmsg+0x70/0xd0\\n      __arm64_sys_sendmsg+0x2c/0x40\\n      invoke_syscall+0x78/0x100\\n      el0_svc_common.constprop.0+0x54/0x184\\n      do_el0_svc+0x30/0xac\\n      el0_svc+0x48/0x160\\n      el0t_64_sync_handler+0xa4/0x12c\\n      el0t_64_sync+0x1a4/0x1a8\\n     Code: bad PC value\\n     ---[ end trace 7d1c3f3bf9d81885 ]---\\n     Kernel panic - not syncing: Oops: Fatal exception in interrupt\\n     Kernel Offset: 0x2870a7a00000 from 0xffff800008000000\\n     PHYS_OFFSET: 0x80000000\\n     CPU features: 0x0,000005c1,a3332a5a\\n     Memory Limit: none\\n     ---[ end Kernel panic - not syncing: Oops: Fatal exception in interrupt ]---\\n\\nThe exception happens because there is a pending RX interrupt before the\\ncall to request_irq(RX IRQ) executes.  Then, the RX IRQ handler fires\\nimmediately after this request_irq() completes. The\\n---truncated---\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: mlxbf_gige: llame a request_irq() despu\u00e9s de inicializar NAPI. El controlador mlxbf_gige encuentra una excepci\u00f3n de puntero NULL en mlxbf_gige_open() cuando kdump est\u00e1 habilitado. La secuencia para reproducir la excepci\u00f3n es la siguiente: a) habilitar kdump b) activar kdump mediante \\\"echo c \u0026gt; /proc/sysrq-trigger\\\" c) el kernel de kdump se ejecuta d) el kernel de kdump carga el m\u00f3dulo mlxbf_gige e) el m\u00f3dulo mlxbf_gige se ejecuta en abierto () cuando se abre la interfaz \\\"oob_net0\\\" f) El m\u00f3dulo mlxbf_gige experimentar\u00e1 una excepci\u00f3n durante su apertura(), algo as\u00ed como: No se puede manejar la desreferencia del puntero NULL del kernel en la direcci\u00f3n virtual 0000000000000000 Informaci\u00f3n de cancelaci\u00f3n de memoria: ESR = 0x0000000086000004 EC = 0x21 : IABT (EL actual), IL = 32 bits SET = 0, FnV = 0 EA = 0, S1PTW = 0 FSC = 0x04: tabla de usuario de error de traducci\u00f3n de nivel 0: 4k p\u00e1ginas, VA de 48 bits, pgdp=00000000e29a4000 [00000000000000000] pgd=0000000000000000, p4d=00000000000000000 Error interno: Vaya: 0000000086000004 [#1] CPU SMP: 0 PID: 812 Comunicaciones: NetworkManager contaminado: G OE 5.15.0-1035-bluefield #37-Ubuntu Nombre de hardware: https ://www .mellanox.com Tarjeta principal BlueField-3 SmartNIC/Tarjeta principal BlueField-3 SmartNIC, BIOS 4.6.0.13024 19 de enero de 2024 pstate: 80400009 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc: 0x0 lr : __napi_poll+0x40/0x230 sp : ffff800008003e00 x29: ffff800008003e00 x28: 0000000000000000 x27: 00000000ffffffff x26: ffff000066027238 x25: 7cedec00 x24: ffff800008003ec8 x23: 000000000000012c x22: ffff800008003eb7 x21: 00000000000000000 x20: 0000000000000001 x19: ffff000066027238 x 18: 0000000000000000 x17: ffff578fcb450000 x16: ffffa870b083c7c0 x15: 0000aaab010441d0 x14: 0000000000000001 x13: 00726f7272655f65 x12: 6769675f6662786c x11: 0000000000000000 x10: 0000000000000000 x9: ffffa870b0842398 x8: 0000000000000004 x7: fe5a48b9069706ea x6: 17fdb11fc84ae0d2 x5: d94a82549d594f35 x4: 00000000000000 000 x3: 0000000000400100 x2: 0000000000000000 x1: 0000000000000000 x0: ffff000066027238 Llamar seguimiento: 0x0 net_rx_action+0x178/0x360 __do_softirq+0x15c/0x428 __irq_exit_rcu+0xac/0xec irq_exit+0x18/0x2c handle_domain_irq+0x6c/0xa0 gic_handle_irq+0xec/0x1b0 call_on_irq_stack+0x2 0/0x2c do_interrupt_handler+0x5c/0x70 el1_interrupt+0x30/0x50 el1h_64_irq_handler+ 0x18/0x2c el1h_64_irq+0x7c/0x80 __setup_irq+0x4c0/0x950 request_threaded_irq+0xf4/0x1bc mlxbf_gige_request_irqs+0x68/0x110 [mlxbf_gige] mlxbf_gige_open+0x5c/0x170 bf_gige] __dev_open+0x100/0x220 __dev_change_flags+0x16c/0x1f0 dev_change_flags+0x2c/0x70 do_setlink +0x220/0xa40 __rtnl_newlink+0x56c/0x8a0 rtnl_newlink+0x58/0x84 rtnetlink_rcv_msg+0x138/0x3c4 netlink_rcv_skb+0x64/0x130 rtnetlink_rcv+0x20/0x30 netlink_unicast+0x2ec/0x360 netlink_sendmsg+0x278/0x490 __sock_sendmsg+0x5c/0x6c ____sys_sendmsg+0x290/0x2d4 ___sys_sendmsg +0x84/0xd0 __sys_sendmsg+0x70/0xd0 __arm64_sys_sendmsg+0x2c/0x40 invoke_syscall+0x78/0x100 el0_svc_common.constprop.0+0x54/0x184 do_el0_svc+0x30/0xac c+0x48/0x160 el0t_64_sync_handler+0xa4/0x12c el0t_64_sync+0x1a4/0x1a8 C\u00f3digo: valor incorrecto de la PC ---[ seguimiento final 7d1c3f3bf9d81885 ]--- P\u00e1nico del kernel - no se sincroniza: Vaya: excepci\u00f3n grave en la interrupci\u00f3n Compensaci\u00f3n del kernel: 0x2870a7a00000 de 0xffff800008000000 PHYS_OFFSET: 0x80000000 Caracter\u00edsticas de la CPU: 0x0,000005c1,a33 32a5a L\u00edmite de memoria: ninguno --- [fin del p\u00e1nico del kernel - no se sincroniza: Ups: excepci\u00f3n fatal en la interrupci\u00f3n]--- La excepci\u00f3n ocurre porque hay una interrupci\u00f3n RX pendiente antes de que se ejecute la llamada a request_irq(RX IRQ). Luego, el controlador RX IRQ se activa inmediatamente despu\u00e9s de que se completa request_irq(). El ---truncado---\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/24444af5ddf729376b90db0f135fa19973cb5dab\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/867a2f598af6a645c865d1101b58c5e070c6dd9e\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/8feb1652afe9c5d019059a55c90f70690dce0f52\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/a583117668ddb86e98f2e11c7caa3db0e6df52a3\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/f7442a634ac06b953fc1f7418f307b25acd4cfbc\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/24444af5ddf729376b90db0f135fa19973cb5dab\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/867a2f598af6a645c865d1101b58c5e070c6dd9e\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/8feb1652afe9c5d019059a55c90f70690dce0f52\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/a583117668ddb86e98f2e11c7caa3db0e6df52a3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/f7442a634ac06b953fc1f7418f307b25acd4cfbc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.