CVE-2024-27055
workqueue: Don't call cpumask_test_cpu() with -1 CPU in wq_update_node_max_active()
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved:
workqueue: Don't call cpumask_test_cpu() with -1 CPU in wq_update_node_max_active()
For wq_update_node_max_active(), @off_cpu of -1 indicates that no CPU is
going down. The function was incorrectly calling cpumask_test_cpu() with -1
CPU leading to oopses like the following on some archs:
Unable to handle kernel paging request at virtual address ffff0002100296e0
..
pc : wq_update_node_max_active+0x50/0x1fc
lr : wq_update_node_max_active+0x1f0/0x1fc
...
Call trace:
wq_update_node_max_active+0x50/0x1fc
apply_wqattrs_commit+0xf0/0x114
apply_workqueue_attrs_locked+0x58/0xa0
alloc_workqueue+0x5ac/0x774
workqueue_init_early+0x460/0x540
start_kernel+0x258/0x684
__primary_switched+0xb8/0xc0
Code: 9100a273 35000d01 53067f00 d0016dc1 (f8607a60)
---[ end trace 0000000000000000 ]---
Kernel panic - not syncing: Attempted to kill the idle task!
---[ end Kernel panic - not syncing: Attempted to kill the idle task! ]---
Fix it.
En el kernel de Linux, se resolvió la siguiente vulnerabilidad: cola de trabajo: no llame a cpumask_test_cpu() con -1 CPU en wq_update_node_max_active() Para wq_update_node_max_active(), @off_cpu de -1 indica que no hay ninguna CPU fallando. La función llamaba incorrectamente a cpumask_test_cpu() con -1 CPU, lo que provocaba errores como los siguientes en algunos arcos: No se puede manejar la solicitud de paginación del kernel en la dirección virtual ffff0002100296e0 .. pc: wq_update_node_max_active+0x50/0x1fc lr: wq_update_node_max_active+0x1f0/0x1fc .. Seguimiento de llamadas: wq_update_node_max_active+0x50/0x1fc apply_wqattrs_commit+0xf0/0x114 apply_workqueue_attrs_locked+0x58/0xa0 alloc_workqueue+0x5ac/0x774 workqueue_init_early+0x460/0x540 start_kernel+0x258/0x68. 4 __primary_switched+0xb8/0xc0 Código: 9100a273 35000d01 53067f00 d0016dc1 (f8607a60) -- -[ end trace 0000000000000000 ]--- Pánico del kernel - no se sincroniza: ¡Se intentó finalizar la tarea inactiva! ---[ fin del pánico del kernel: no se sincroniza: ¡se intentó finalizar la tarea inactiva! ]--- Arreglalo.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2024-02-19 CVE Reserved
- 2024-05-01 CVE Published
- 2024-05-02 EPSS Updated
- 2024-08-02 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (8)
| URL | Tag | Source |
|---|---|---|
| https://git.kernel.org/stable/c/5a70baec2294e8a7d0fcc4558741c23e752dad5c | Vuln. Introduced | |
| https://git.kernel.org/stable/c/843288afd3cc6f3342659c6cf81fc47684d25563 | Vuln. Introduced |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 6.6.23 < 6.6.25 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.6.23 < 6.6.25" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 6.8.2 < 6.8.4 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.8.2 < 6.8.4" | en |
Affected
| ||||||