CVE-2024-35806

soc: fsl: qbman: Always disable interrupts when taking cgr_lock

Severity Score

5.5

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: soc: fsl: qbman: Always disable interrupts when taking cgr_lock smp_call_function_single disables IRQs when executing the callback. To
prevent deadlocks, we must disable IRQs when taking cgr_lock elsewhere.
This is already done by qman_update_cgr and qman_delete_cgr; fix the
other lockers.

En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: soc:fsl:qbman: Desactiva siempre las interrupciones al tomar cgr_lock smp_call_function_single desactiva las IRQ al ejecutar la devolución de llamada. Para evitar interbloqueos, debemos desactivar las IRQ cuando llevemos cgr_lock a otro lugar. Esto ya lo hacen qman_update_cgr y qman_delete_cgr; arreglar los otros casilleros.

In the Linux kernel, the following vulnerability has been resolved: soc: fsl: qbman: Always disable interrupts when taking cgr_lock smp_call_function_single disables IRQs when executing the callback. To prevent deadlocks, we must disable IRQs when taking cgr_lock elsewhere. This is already done by qman_update_cgr and qman_delete_cgr; fix the other lockers.

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service.

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

Single

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-05-17 CVE Reserved
2024-05-17 CVE Published
2024-12-19 CVE Updated
2025-03-29 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (15)

URL	Tag	Source
https://git.kernel.org/stable/c/96f413f47677366e0ae03797409bfcc4151dbf9e	Vuln. Introduced
https://git.kernel.org/stable/c/a85c525bbff4d7467d7f0ab6fed8e2f787b073d6	Vuln. Introduced
https://git.kernel.org/stable/c/29cd9c2d1f428c281962135ea046a9d7bda88d14	Vuln. Introduced
https://git.kernel.org/stable/c/5b10a404419f0532ef3ba990c12bebe118adb6d7	Vuln. Introduced
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/b56a793f267679945d1fdb9a280013bd2d0ed7f9	2024-04-13
https://git.kernel.org/stable/c/62c3ecd2833cff0eff4a82af4082c44ca8d2518a	2024-04-13
https://git.kernel.org/stable/c/dd199e5b759ffe349622a4b8fbcafc51fc51b1ec	2024-04-13
https://git.kernel.org/stable/c/e6378314bb920acb39013051fa65d8f9f8030430	2024-04-10
https://git.kernel.org/stable/c/a62168653774c36398d65846a98034436ee66d03	2024-04-03
https://git.kernel.org/stable/c/0e6521b0f93ff350434ed4ae61a250907e65d397	2024-04-03
https://git.kernel.org/stable/c/276af8efb05c8e47acf2738a5609dd72acfc703f	2024-04-03
https://git.kernel.org/stable/c/af25c5180b2b1796342798f6c56fcfd12f5035bd	2024-04-03
https://git.kernel.org/stable/c/584c2a9184a33a40fceee838f856de3cffa19be3	2024-03-13

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.16 < 4.19.312 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.16 < 4.19.312"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.16 < 5.4.274 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.16 < 5.4.274"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.16 < 5.10.215 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.16 < 5.10.215"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.16 < 5.15.154 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.16 < 5.15.154"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.16 < 6.1.84 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.16 < 6.1.84"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.16 < 6.6.24 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.16 < 6.6.24"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.16 < 6.7.12 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.16 < 6.7.12"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.16 < 6.8.3 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.16 < 6.8.3"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.16 < 6.9 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.16 < 6.9"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				4.9.92 Search vendor "Linux" for product "Linux Kernel" and version "4.9.92"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				4.14.32 Search vendor "Linux" for product "Linux Kernel" and version "4.14.32"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				4.15.15 Search vendor "Linux" for product "Linux Kernel" and version "4.15.15"		en		Affected