Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

Go to Calendar     Go to Press Room     Go to Newsletters subscription

Search

CVE-2024-26765

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
03/04/2024
Last modified:
18/03/2025

Description

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> LoongArch: Disable IRQ before init_fn() for nonboot CPUs<br /> <br /> Disable IRQ before init_fn() for nonboot CPUs when hotplug, in order to<br /> silence such warnings (and also avoid potential errors due to unexpected<br /> interrupts):<br /> <br /> WARNING: CPU: 1 PID: 0 at kernel/rcu/tree.c:4503 rcu_cpu_starting+0x214/0x280<br /> CPU: 1 PID: 0 Comm: swapper/1 Not tainted 6.6.17+ #1198<br /> pc 90000000048e3334 ra 90000000047bd56c tp 900000010039c000 sp 900000010039fdd0<br /> a0 0000000000000001 a1 0000000000000006 a2 900000000802c040 a3 0000000000000000<br /> a4 0000000000000001 a5 0000000000000004 a6 0000000000000000 a7 90000000048e3f4c<br /> t0 0000000000000001 t1 9000000005c70968 t2 0000000004000000 t3 000000000005e56e<br /> t4 00000000000002e4 t5 0000000000001000 t6 ffffffff80000000 t7 0000000000040000<br /> t8 9000000007931638 u0 0000000000000006 s9 0000000000000004 s0 0000000000000001<br /> s1 9000000006356ac0 s2 9000000007244000 s3 0000000000000001 s4 0000000000000001<br /> s5 900000000636f000 s6 7fffffffffffffff s7 9000000002123940 s8 9000000001ca55f8<br /> ra: 90000000047bd56c tlb_init+0x24c/0x528<br /> ERA: 90000000048e3334 rcu_cpu_starting+0x214/0x280<br /> CRMD: 000000b0 (PLV0 -IE -DA +PG DACF=CC DACM=CC -WE)<br /> PRMD: 00000000 (PPLV0 -PIE -PWE)<br /> EUEN: 00000000 (-FPE -SXE -ASXE -BTE)<br /> ECFG: 00071000 (LIE=12 VS=7)<br /> ESTAT: 000c0000 [BRK] (IS= ECode=12 EsubCode=0)<br /> PRID: 0014c010 (Loongson-64bit, Loongson-3A5000)<br /> CPU: 1 PID: 0 Comm: swapper/1 Not tainted 6.6.17+ #1198<br /> Stack : 0000000000000000 9000000006375000 9000000005b61878 900000010039c000<br /> 900000010039fa30 0000000000000000 900000010039fa38 900000000619a140<br /> 9000000006456888 9000000006456880 900000010039f950 0000000000000001<br /> 0000000000000001 cb0cb028ec7e52e1 0000000002b90000 9000000100348700<br /> 0000000000000000 0000000000000001 ffffffff916d12f1 0000000000000003<br /> 0000000000040000 9000000007930370 0000000002b90000 0000000000000004<br /> 9000000006366000 900000000619a140 0000000000000000 0000000000000004<br /> 0000000000000000 0000000000000009 ffffffffffc681f2 9000000002123940<br /> 9000000001ca55f8 9000000006366000 90000000047a4828 00007ffff057ded8<br /> 00000000000000b0 0000000000000000 0000000000000000 0000000000071000<br /> ...<br /> Call Trace:<br /> [] show_stack+0x48/0x1a0<br /> [] dump_stack_lvl+0x84/0xcc<br /> [] __warn+0x8c/0x1e0<br /> [] report_bug+0x1b4/0x280<br /> [] do_bp+0x2d0/0x480<br /> [] handle_bp+0x120/0x1c0<br /> [] rcu_cpu_starting+0x214/0x280<br /> [] tlb_init+0x248/0x528<br /> [] per_cpu_trap_init+0x124/0x160<br /> [] cpu_probe+0x494/0xa00<br /> [] start_secondary+0x3c/0xc0<br /> [] smpboot_entry+0x50/0x58

Impact

Vector 3.x
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS v3.1 Severity and Metrics:

Base Score: 5.50 MEDIUM
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope (S): Unchanged
Confidentiality (C): None
Integrity (I): None
Availability (A): High

Base Score 3.x
5.50
Severity 3.x
MEDIUM

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.1.80 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.2 (including) 6.6.19 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.7 (including) 6.7.7 (excluding)
cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.8:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.8:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.8:rc5:*:*:*:*:*:*

To consult the complete list of CPE names with products and versions, see this page


References to Advisories, Solutions, and Tools