github - ghsa-7rpw-5262-46cf

ghsa-7rpw-5262-46cf

Vulnerability from github

Published

2024-05-20 12:30

Modified

2024-05-20 12:30

Details

In the Linux kernel, the following vulnerability has been resolved:

accel/ivpu: Fix deadlock in context_xa

ivpu_device->context_xa is locked both in kernel thread and IRQ context. It requires XA_FLAGS_LOCK_IRQ flag to be passed during initialization otherwise the lock could be acquired from a thread and interrupted by an IRQ that locks it for the second time causing the deadlock.

This deadlock was reported by lockdep and observed in internal tests.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-35953"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-20T10:15:10Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\naccel/ivpu: Fix deadlock in context_xa\n\nivpu_device-\u003econtext_xa is locked both in kernel thread and IRQ context.\nIt requires XA_FLAGS_LOCK_IRQ flag to be passed during initialization\notherwise the lock could be acquired from a thread and interrupted by\nan IRQ that locks it for the second time causing the deadlock.\n\nThis deadlock was reported by lockdep and observed in internal tests.",
  "id": "GHSA-7rpw-5262-46cf",
  "modified": "2024-05-20T12:30:27Z",
  "published": "2024-05-20T12:30:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35953"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d43e11d9c7fcb16f18bd46ab2556c2772ffc5775"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/e6011411147209bc0cc14628cbc155356837e52a"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/fd7726e75968b27fe98534ccbf47ccd6fef686f3"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

cve-2024-35953

Vulnerability from cvelistv5

Published

2024-05-20 09:41

Modified

2024-09-11 17:33

Severity

Summary

accel/ivpu: Fix deadlock in context_xa

References

URL	Tags
https://git.kernel.org/stable/c/d43e11d9c7fcb16f18bd46ab2556c2772ffc5775
https://git.kernel.org/stable/c/e6011411147209bc0cc14628cbc155356837e52a
https://git.kernel.org/stable/c/fd7726e75968b27fe98534ccbf47ccd6fef686f3

Impacted products

Vendor	Product
Linux	Linux
Linux	Linux

Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T03:21:49.194Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d43e11d9c7fcb16f18bd46ab2556c2772ffc5775"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e6011411147209bc0cc14628cbc155356837e52a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/fd7726e75968b27fe98534ccbf47ccd6fef686f3"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-35953",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:40:42.693446Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:14.479Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/accel/ivpu/ivpu_drv.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "d43e11d9c7fc",
              "status": "affected",
              "version": "35b137630f08",
              "versionType": "git"
            },
            {
              "lessThan": "e60114111472",
              "status": "affected",
              "version": "35b137630f08",
              "versionType": "git"
            },
            {
              "lessThan": "fd7726e75968",
              "status": "affected",
              "version": "35b137630f08",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/accel/ivpu/ivpu_drv.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.3"
            },
            {
              "lessThan": "6.3",
              "status": "unaffected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.28",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "6.8.*",
              "status": "unaffected",
              "version": "6.8.7",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.9",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\naccel/ivpu: Fix deadlock in context_xa\n\nivpu_device-\u003econtext_xa is locked both in kernel thread and IRQ context.\nIt requires XA_FLAGS_LOCK_IRQ flag to be passed during initialization\notherwise the lock could be acquired from a thread and interrupted by\nan IRQ that locks it for the second time causing the deadlock.\n\nThis deadlock was reported by lockdep and observed in internal tests."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-29T05:31:53.007Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/d43e11d9c7fcb16f18bd46ab2556c2772ffc5775"
        },
        {
          "url": "https://git.kernel.org/stable/c/e6011411147209bc0cc14628cbc155356837e52a"
        },
        {
          "url": "https://git.kernel.org/stable/c/fd7726e75968b27fe98534ccbf47ccd6fef686f3"
        }
      ],
      "title": "accel/ivpu: Fix deadlock in context_xa",
      "x_generator": {
        "engine": "bippy-a5840b7849dd"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-35953",
    "datePublished": "2024-05-20T09:41:47.290Z",
    "dateReserved": "2024-05-17T13:50:33.135Z",
    "dateUpdated": "2024-09-11T17:33:14.479Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.