CVE-2024-49856

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> x86/sgx: Fix deadlock in SGX NUMA node search<br /> <br /> When the current node doesn&amp;#39;t have an EPC section configured by firmware<br /> and all other EPC sections are used up, CPU can get stuck inside the<br /> while loop that looks for an available EPC page from remote nodes<br /> indefinitely, leading to a soft lockup. Note how nid_of_current will<br /> never be equal to nid in that while loop because nid_of_current is not<br /> set in sgx_numa_mask.<br /> <br /> Also worth mentioning is that it&amp;#39;s perfectly fine for the firmware not<br /> to setup an EPC section on a node. While setting up an EPC section on<br /> each node can enhance performance, it is not a requirement for<br /> functionality.<br /> <br /> Rework the loop to start and end on *a* node that has SGX memory. This<br /> avoids the deadlock looking for the current SGX-lacking node to show up<br /> in the loop when it never will.