CVE-2024-26646

Severity CVSS v4.0: Pending analysis
Type: Unavailable / Other
Publication date: 26/03/2024
Last modified: 17/03/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

thermal: intel: hfi: Add syscore callbacks for system-wide PM

The kernel allocates a memory buffer and provides its location to the hardware, which uses it to update the HFI table. This allocation occurs during boot and remains constant throughout runtime.

When resuming from hibernation, the restore kernel allocates a second memory buffer and reprograms the HFI hardware with the new location as part of a normal boot. The location of the second memory buffer may differ from the one allocated by the image kernel.

When the restore kernel transfers control to the image kernel, its HFI buffer becomes invalid, potentially leading to memory corruption if the hardware writes to it (the hardware continues to use the buffer from the restore kernel).

It is also possible that the hardware "forgets" the address of the memory buffer when resuming from "deep" suspend. Memory corruption may also occur in such a scenario.

To prevent the described memory corruption, disable HFI when preparing to suspend or hibernate. Enable it when resuming.

Add syscore callbacks to handle the package of the boot CPU (packages of non-boot CPUs are handled via CPU offline). Syscore ops always run on the boot CPU. Additionally, HFI only needs to be disabled during "deep" suspend and hibernation. Syscore ops only run in these cases.

[ rjw: Comment adjustment, subject and changelog edits ]

Vulnerable products and versions

| CPE | From | Up to |
| --- | --- | --- |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | | 6.1.76 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.2 (including) | 6.6.15 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7 (including) | 6.7.3 (excluding) |
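
A host triage check built from the version table and the description above, as an added example that is not part of the CVE record or the kernel patch. It assumes upstream version numbering (a distribution kernel may carry the fix under an older version string) and that HFI-capable CPUs list an `hfi` flag in `/proc/cpuinfo`; the function names are illustrative.

```python
import re

# Affected upstream ranges from the table above: (from_inclusive, up_to_exclusive).
# None means the record gives no lower bound for that row.
AFFECTED = [
    (None, (6, 1, 76)),
    ((6, 2, 0), (6, 6, 15)),
    ((6, 7, 0), (6, 7, 3)),
]

def parse_release(release):
    """Turn a `uname -r` string such as '6.6.14-generic' into (6, 6, 14)."""
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", release)
    if not m:
        raise ValueError(f"unrecognised kernel release: {release!r}")
    return tuple(int(g or 0) for g in m.groups())

def in_affected_range(release):
    """True if the upstream version falls in any listed range."""
    v = parse_release(release)
    return any((lo is None or v >= lo) and v < hi for lo, hi in AFFECTED)

def has_hfi(cpuinfo_text):
    """True if a 'flags' line lists hfi (assumed name of the cpuinfo flag)."""
    for line in cpuinfo_text.splitlines():
        key, _, value = line.partition(":")
        if key.strip() == "flags" and "hfi" in value.split():
            return True
    return False

def triage(release, cpuinfo_text):
    """Combine both checks; a version match alone does not prove exposure."""
    if not in_affected_range(release):
        return "not in listed range"
    if not has_hfi(cpuinfo_text):
        return "in listed range, CPU does not report HFI"
    return "in listed range and HFI present: confirm the fix is applied"

if __name__ == "__main__":
    import platform
    try:
        with open("/proc/cpuinfo") as f:
            cpuinfo = f.read()
    except OSError:
        cpuinfo = ""  # non-Linux host or restricted procfs
    print(triage(platform.release(), cpuinfo))
```

For a distribution kernel, treat a "listed range" result as a prompt to check the vendor's advisory or changelog for this CVE rather than as proof of exposure.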