CVE-2024-38594
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
19/06/2024
Last modified:
31/10/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
net: stmmac: move the EST lock to struct stmmac_priv<br />
<br />
Reinitialize the whole EST structure would also reset the mutex<br />
lock which is embedded in the EST structure, and then trigger<br />
the following warning. To address this, move the lock to struct<br />
stmmac_priv. We also need to reacquire the mutex lock when doing<br />
this initialization.<br />
<br />
DEBUG_LOCKS_WARN_ON(lock->magic != lock)<br />
WARNING: CPU: 3 PID: 505 at kernel/locking/mutex.c:587 __mutex_lock+0xd84/0x1068<br />
Modules linked in:<br />
CPU: 3 PID: 505 Comm: tc Not tainted 6.9.0-rc6-00053-g0106679839f7-dirty #29<br />
Hardware name: NXP i.MX8MPlus EVK board (DT)<br />
pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)<br />
pc : __mutex_lock+0xd84/0x1068<br />
lr : __mutex_lock+0xd84/0x1068<br />
sp : ffffffc0864e3570<br />
x29: ffffffc0864e3570 x28: ffffffc0817bdc78 x27: 0000000000000003<br />
x26: ffffff80c54f1808 x25: ffffff80c9164080 x24: ffffffc080d723ac<br />
x23: 0000000000000000 x22: 0000000000000002 x21: 0000000000000000<br />
x20: 0000000000000000 x19: ffffffc083bc3000 x18: ffffffffffffffff<br />
x17: ffffffc08117b080 x16: 0000000000000002 x15: ffffff80d2d40000<br />
x14: 00000000000002da x13: ffffff80d2d404b8 x12: ffffffc082b5a5c8<br />
x11: ffffffc082bca680 x10: ffffffc082bb2640 x9 : ffffffc082bb2698<br />
x8 : 0000000000017fe8 x7 : c0000000ffffefff x6 : 0000000000000001<br />
x5 : ffffff8178fe0d48 x4 : 0000000000000000 x3 : 0000000000000027<br />
x2 : ffffff8178fe0d50 x1 : 0000000000000000 x0 : 0000000000000000<br />
Call trace:<br />
__mutex_lock+0xd84/0x1068<br />
mutex_lock_nested+0x28/0x34<br />
tc_setup_taprio+0x118/0x68c<br />
stmmac_setup_tc+0x50/0xf0<br />
taprio_change+0x868/0xc9c
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.10.62 (including) | 5.11 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.13.14 (including) | 5.14 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.14.1 (including) | 6.6.55 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7 (including) | 6.8.12 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.9 (including) | 6.9.3 (excluding) |
| cpe:2.3:o:linux:linux_kernel:5.14:-:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:5.14:rc2:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:5.14:rc3:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:5.14:rc4:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:5.14:rc5:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:5.14:rc6:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:5.14:rc7:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/36ac9e7f2e5786bd37c5cd91132e1f39c29b8197
- https://git.kernel.org/stable/c/487f9030b1ef34bab123f2df2a4ccbe01ba84416
- https://git.kernel.org/stable/c/6f476aff2d8da1a189621c4c16a76a6c534e4312
- https://git.kernel.org/stable/c/b538fefeb1026aad9dcdcbb410c42b56dff8aae9
- https://git.kernel.org/stable/c/36ac9e7f2e5786bd37c5cd91132e1f39c29b8197
- https://git.kernel.org/stable/c/487f9030b1ef34bab123f2df2a4ccbe01ba84416
- https://git.kernel.org/stable/c/6f476aff2d8da1a189621c4c16a76a6c534e4312