CVE-2024-46829
rtmutex: Drop rt_mutex::wait_lock before scheduling
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved: rtmutex: Drop rt_mutex::wait_lock before scheduling rt_mutex_handle_deadlock() is called with rt_mutex::wait_lock held. In the
good case it returns with the lock held and in the deadlock case it emits a
warning and goes into an endless scheduling loop with the lock held, which
triggers the 'scheduling in atomic' warning. Unlock rt_mutex::wait_lock in the dead lock case before issuing the warning
and dropping into the schedule for ever loop. [ tglx: Moved unlock before the WARN(), removed the pointless comment, massaged changelog, added Fixes tag ]
In the Linux kernel, the following vulnerability has been resolved: rtmutex: Drop rt_mutex::wait_lock before scheduling rt_mutex_handle_deadlock() is called with rt_mutex::wait_lock held. In the good case it returns with the lock held and in the deadlock case it emits a warning and goes into an endless scheduling loop with the lock held, which triggers the 'scheduling in atomic' warning. Unlock rt_mutex::wait_lock in the dead lock case before issuing the warning and dropping into the schedule for ever loop. [ tglx: Moved unlock before the WARN(), removed the pointless comment, massaged changelog, added Fixes tag ]
Supraja Sridhara, Benedict Schlüter, Mark Kuhne, Andrin Bertschi, and Shweta Shinde discovered that the Confidential Computing framework in the Linux kernel for x86 platforms did not properly handle 32-bit emulation on TDX and SEV. An attacker with access to the VMM could use this to cause a denial of service or possibly execute arbitrary code. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2024-09-11 CVE Reserved
- 2024-09-27 CVE Published
- 2024-12-19 CVE Updated
- 2025-03-18 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (15)
| URL | Tag | Source |
|---|---|---|
| https://git.kernel.org/stable/c/3d5c9340d1949733eb37616abd15db36aef9a57c | Vuln. Introduced | |
| https://git.kernel.org/stable/c/95f9aded9436aa3ce714aeff3f45fcc1431df7d2 | Vuln. Introduced | |
| https://git.kernel.org/stable/c/ea018da95368adfb700689bd9842714f7c3db665 | Vuln. Introduced | |
| https://git.kernel.org/stable/c/1201613a70dd34bd347ba2970919b3f1d5fbfb4a | Vuln. Introduced | |
| https://git.kernel.org/stable/c/a2e64fcdc83c645813f7b93e4df291841ba7c625 | Vuln. Introduced | |
| https://git.kernel.org/stable/c/fb52f40e085ef4074f1335672cd62c1f832af13b | Vuln. Introduced | |
| https://git.kernel.org/stable/c/2b1f3807ed9cafb59c956ce76a05d25e67103f2e | Vuln. Introduced |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.16 < 4.19.322 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.16 < 4.19.322" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.16 < 5.4.284 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.16 < 5.4.284" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.16 < 5.10.226 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.16 < 5.10.226" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.16 < 5.15.167 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.16 < 5.15.167" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.16 < 6.1.110 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.16 < 6.1.110" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.16 < 6.6.51 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.16 < 6.6.51" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.16 < 6.10.10 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.16 < 6.10.10" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.16 < 6.11 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.16 < 6.11" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 3.2.61 Search vendor "Linux" for product "Linux Kernel" and version "3.2.61" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 3.4.99 Search vendor "Linux" for product "Linux Kernel" and version "3.4.99" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 3.10.49 Search vendor "Linux" for product "Linux Kernel" and version "3.10.49" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 3.12.25 Search vendor "Linux" for product "Linux Kernel" and version "3.12.25" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 3.14.10 Search vendor "Linux" for product "Linux Kernel" and version "3.14.10" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 3.15.3 Search vendor "Linux" for product "Linux Kernel" and version "3.15.3" | en |
Affected
| ||||||