CVE-2024-40977
Severity CVSS v4.0: Pending analysis
Type: Unavailable / Other
Publication date: 12/07/2024
Last modified: 03/11/2025
Description
In the Linux kernel, the following vulnerability has been resolved:

wifi: mt76: mt7921s: fix potential hung tasks during chip recovery

During chip recovery (e.g. chip reset), there is a possible situation that
kernel worker reset_work is holding the lock and waiting for kernel thread
stat_worker to be parked, while stat_worker is waiting for the release of
the same lock.
It causes a deadlock resulting in the dumping of hung tasks messages and
possible rebooting of the device.

This patch prevents the execution of stat_worker during the chip recovery.
Impact
Base Score 3.x: 5.50
Severity 3.x: MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | | 6.1.96 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.2 (including) | 6.6.36 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7 (including) | 6.9.7 (excluding) |
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/0b81faa05b0b9feb3ae2d69be1d21f0d126ecb08
- https://git.kernel.org/stable/c/85edd783f4539a994d66c4c014d5858f490b7a02
- https://git.kernel.org/stable/c/e974dd4c22a23ec3ce579fb6d31a674ac0435da9
- https://git.kernel.org/stable/c/ecf0b2b8a37c8464186620bef37812a117ff6366
- https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html



