Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2024-49993

Опубликовано: 21 окт. 2024
Источник: redhat
CVSS3: 5.5

Описание

[REJECTED CVE] A vulnerability has been identified in the Linux kernel's IOMMU (iommu/vt-d) subsystem, where calling qi_submit_sync() with zero invalidation descriptors could lead to a soft lockup due to misinterpreted descriptor statuses. An attacker with control over IOMMU operations could potentially trigger a deadlock, causing system instability.

Отчет

This CVE has been rejected upstream: https://lore.kernel.org/linux-cve-announce/2024111049-REJECTED-2a27@gregkh/

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernelNot affected
Red Hat Enterprise Linux 7kernel-rtNot affected
Red Hat Enterprise Linux 8kernelWill not fix
Red Hat Enterprise Linux 8kernel-rtWill not fix
Red Hat Enterprise Linux 9kernel-rtWill not fix
Red Hat Enterprise Linux 9kernelFixedRHSA-2025:696613.05.2025
Red Hat Enterprise Linux 9kernelFixedRHSA-2025:696613.05.2025

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-667
https://bugzilla.redhat.com/show_bug.cgi?id=2320432kernel: iommu/vt-d: Fix potential lockup if qi_submit_sync called with 0 count

5.5 Medium

CVSS3

Связанные уязвимости

nvd логотип

CVE-2024-49993

nvd
8 месяцев назад

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

msrc логотип

CVE-2024-49993

msrc
7 месяцев назад

Описание отсутствует

github логотип

GHSA-cjwf-5vh9-w48g

CVSS3: 5.5
github
8 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix potential lockup if qi_submit_sync called with 0 count If qi_submit_sync() is invoked with 0 invalidation descriptors (for instance, for DMA draining purposes), we can run into a bug where a submitting thread fails to detect the completion of invalidation_wait. Subsequently, this led to a soft lockup. Currently, there is no impact by this bug on the existing users because no callers are submitting invalidations with 0 descriptors. This fix will enable future users (such as DMA drain) calling qi_submit_sync() with 0 count. Suppose thread T1 invokes qi_submit_sync() with non-zero descriptors, while concurrently, thread T2 calls qi_submit_sync() with zero descriptors. Both threads then enter a while loop, waiting for their respective descriptors to complete. T1 detects its completion (i.e., T1's invalidation_wait status changes to QI_DONE by HW) and proceeds to call reclaim_free_desc() to reclaim all...

suse-cvrf логотип

SUSE-SU-2024:3983-1

suse-cvrf
7 месяцев назад

Security update for the Linux Kernel

suse-cvrf логотип

SUSE-SU-2024:3985-1

suse-cvrf
7 месяцев назад

Security update for the Linux Kernel

5.5 Medium

CVSS3