CVE-2024-44937

Severity CVSS v4.0:
Pending analysis
Type:
CWE-476 NULL Pointer Dereference
Publication date:
26/08/2024
Last modified:
27/08/2024

Description

In the Linux kernel, the following vulnerability has been resolved:

platform/x86: intel-vbtn: Protect ACPI notify handler against recursion

Since commit e2ffcda16290 ("ACPI: OSL: Allow Notify () handlers to run on all CPUs") ACPI notify handlers like the intel-vbtn notify_handler() may run on multiple CPU cores racing with themselves.

This race gets hit on Dell Venue 7140 tablets when undocking from the keyboard, causing the handler to try and register priv->switches_dev twice, as can be seen from the dev_info() message getting logged twice:

[ 83.861800] intel-vbtn INT33D6:00: Registering Intel Virtual Switches input-dev after receiving a switch event
[ 83.861858] input: Intel Virtual Switches as /devices/pci0000:00/0000:00:1f.0/PNP0C09:00/INT33D6:00/input/input17
[ 83.861865] intel-vbtn INT33D6:00: Registering Intel Virtual Switches input-dev after receiving a switch event

After which things go seriously wrong:

[ 83.861872] sysfs: cannot create duplicate filename '/devices/pci0000:00/0000:00:1f.0/PNP0C09:00/INT33D6:00/input/input17'
...
[ 83.861967] kobject: kobject_add_internal failed for input17 with -EEXIST, don't try to register things with the same name in the same directory.
[ 83.877338] BUG: kernel NULL pointer dereference, address: 0000000000000018
...

Protect intel-vbtn notify_handler() from racing with itself with a mutex to fix this.
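A log check for the signature in the excerpt above, as an added example that is not part of the advisory or the kernel patch: it flags a device that logs the intel-vbtn registration message twice within a short window and collects the follow-up errors the description quotes. The function name and the one-second window are assumptions; the ADVISORY_LOG lines are copied from the excerpt above.

```python
import re

# Kernel log line: "[ <seconds>.<micros>] <message>"
LINE = re.compile(r"^\[\s*(\d+\.\d+)\]\s+(.*)$")
REGISTER = re.compile(r"^intel-vbtn (\S+): Registering Intel Virtual Switches input-dev")
SYMPTOMS = {  # substrings of the follow-up errors quoted in the advisory
    "sysfs_duplicate": "sysfs: cannot create duplicate filename",
    "kobject_eexist": "kobject_add_internal failed",
    "null_deref": "BUG: kernel NULL pointer dereference",
}

# Sample input: the log lines quoted in the advisory description.
ADVISORY_LOG = """\
[ 83.861800] intel-vbtn INT33D6:00: Registering Intel Virtual Switches input-dev after receiving a switch event
[ 83.861858] input: Intel Virtual Switches as /devices/pci0000:00/0000:00:1f.0/PNP0C09:00/INT33D6:00/input/input17
[ 83.861865] intel-vbtn INT33D6:00: Registering Intel Virtual Switches input-dev after receiving a switch event
[ 83.861872] sysfs: cannot create duplicate filename '/devices/pci0000:00/0000:00:1f.0/PNP0C09:00/INT33D6:00/input/input17'
...
[ 83.861967] kobject: kobject_add_internal failed for input17 with -EEXIST, don't try to register things with the same name in the same directory.
[ 83.877338] BUG: kernel NULL pointer dereference, address: 0000000000000018
...
"""

def find_double_registration(log_text, window=1.0):
    """Report devices that register the switches input-dev twice within `window` seconds (assumed heuristic)."""
    last_seen = {}   # device id -> timestamp of its most recent registration message
    findings = []
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # elided ("...") or non-timestamped lines
        ts, msg = float(m.group(1)), m.group(2)
        reg = REGISTER.match(msg)
        if reg:
            dev = reg.group(1)
            if dev in last_seen and ts - last_seen[dev] <= window:
                findings.append({"device": dev, "first": last_seen[dev], "second": ts, "symptoms": []})
            last_seen[dev] = ts
            continue
        for f in findings:  # attach errors logged shortly after the second registration
            if 0 <= ts - f["second"] <= window:
                for name, needle in SYMPTOMS.items():
                    if needle in msg and name not in f["symptoms"]:
                        f["symptoms"].append(name)
    return findings

if __name__ == "__main__":
    print(find_double_registration(ADVISORY_LOG))
```

A finding with an empty `symptoms` list still means the handler ran twice concurrently; the follow-up errors only show how far the failure progressed.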

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.8 (including) 6.10.5 (excluding)
cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*