CVE-2024-50122

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> PCI: Hold rescan lock while adding devices during host probe<br /> <br /> Since adding the PCI power control code, we may end up with a race between<br /> the pwrctl platform device rescanning the bus and host controller probe<br /> functions. The latter need to take the rescan lock when adding devices or<br /> we may end up in an undefined state having two incompletely added devices<br /> and hit the following crash when trying to remove the device over sysfs:<br /> <br /> Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000<br /> Internal error: Oops: 0000000096000004 [#1] SMP<br /> Call trace:<br /> __pi_strlen+0x14/0x150<br /> kernfs_find_ns+0x80/0x13c<br /> kernfs_remove_by_name_ns+0x54/0xf0<br /> sysfs_remove_bin_file+0x24/0x34<br /> pci_remove_resource_files+0x3c/0x84<br /> pci_remove_sysfs_dev_files+0x28/0x38<br /> pci_stop_bus_device+0x8c/0xd8<br /> pci_stop_bus_device+0x40/0xd8<br /> pci_stop_and_remove_bus_device_locked+0x28/0x48<br /> remove_store+0x70/0xb0<br /> dev_attr_store+0x20/0x38<br /> sysfs_kf_write+0x58/0x78<br /> kernfs_fop_write_iter+0xe8/0x184<br /> vfs_write+0x2dc/0x308<br /> ksys_write+0x7c/0xec