CVE-2024-57949
irqchip/gic-v3-its: Don't enable interrupts in its_irq_set_vcpu_affinity()
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Don't enable interrupts in its_irq_set_vcpu_affinity() The following call-chain leads to enabling interrupts in a nested interrupt
disabled section: irq_set_vcpu_affinity() irq_get_desc_lock() raw_spin_lock_irqsave() <--- Disable interrupts its_irq_set_vcpu_affinity() guard(raw_spinlock_irq) <--- Enables interrupts when leaving the guard() irq_put_desc_unlock() <--- Warns because interrupts are enabled This was broken in commit b97e8a2f7130, which replaced the original
raw_spin_[un]lock() pair with guard(raw_spinlock_irq). Fix the issue by using guard(raw_spinlock). [ tglx: Massaged change log ]
In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Don't enable interrupts in its_irq_set_vcpu_affinity() The following call-chain leads to enabling interrupts in a nested interrupt disabled section: irq_set_vcpu_affinity() irq_get_desc_lock() raw_spin_lock_irqsave() <--- Disable interrupts its_irq_set_vcpu_affinity() guard(raw_spinlock_irq) <--- Enables interrupts when leaving the guard() irq_put_desc_unlock() <--- Warns because interrupts are enabled This was broken in commit b97e8a2f7130, which replaced the original raw_spin_[un]lock() pair with guard(raw_spinlock_irq). Fix the issue by using guard(raw_spinlock). [ tglx: Massaged change log ]
CVSS Scores
SSVC
- Decision:-
Timeline
- 2025-01-19 CVE Reserved
- 2025-02-09 CVE Published
- 2025-02-09 CVE Updated
- 2025-02-12 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (8)
| URL | Tag | Source |
|---|---|---|
| https://git.kernel.org/stable/c/2458f2362f695584bd824c922caa07ffc4fe0d5c | Vuln. Introduced | |
| https://git.kernel.org/stable/c/5c0fb9cb404a2efbbc319ff9d1b877cf4e47e950 | Vuln. Introduced | |
| https://git.kernel.org/stable/c/b97e8a2f7130a4b30d1502003095833d16c028b3 | Vuln. Introduced | |
| https://git.kernel.org/stable/c/c11039edbabdbccf0728844f1002d750d06f9eff | Vuln. Introduced |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 6.1.95 < 6.1.127 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.1.95 < 6.1.127" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 6.6.35 < 6.6.74 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.6.35 < 6.6.74" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 6.10 < 6.12.11 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.10 < 6.12.11" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 6.10 < 6.13 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.10 < 6.13" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 6.9.6 Search vendor "Linux" for product "Linux Kernel" and version "6.9.6" | en |
Affected
| ||||||