CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
Confidence
High
EPSS
Percentile
9.0%
In the Linux kernel, the following vulnerability has been resolved: ice:
fix uninitialized dplls mutex usage The pf->dplls.lock mutex is initialized
too late, after its first use. Move it to the top of ice_dpll_init. Note
that the “err_exit” error path destroys the mutex. And the mutex is the
last thing destroyed in ice_dpll_deinit. This fixes the following warning
with CONFIG_DEBUG_MUTEXES: ice 0000:10:00.0: The DDP package was
successfully loaded: ICE OS Default Package version 1.3.36.0 ice
0000:10:00.0: 252.048 Gb/s available PCIe bandwidth (16.0 GT/s PCIe x16
link) ice 0000:10:00.0: PTP init successful ------------[ cut here
]------------ DEBUG_LOCKS_WARN_ON(lock->magic != lock) WARNING: CPU: 0 PID:
410 at kernel/locking/mutex.c:587 __mutex_lock+0x773/0xd40 Modules linked
in: crct10dif_pclmul crc32_pclmul crc32c_intel polyval_clmulni
polyval_generic ice(+) nvme nvme_c> CPU: 0 PID: 410 Comm: kworker/0:4 Not
tainted 6.8.0-rc5+ #3 Hardware name: HPE ProLiant DL110 Gen10 Plus/ProLiant
DL110 Gen10 Plus, BIOS U56 10/19/2023 Workqueue: events work_for_cpu_fn
RIP: 0010:__mutex_lock+0x773/0xd40 Code: c0 0f 84 1d f9 ff ff 44 8b 35 0d
9c 69 01 45 85 f6 0f 85 0d f9 ff ff 48 c7 c6 12 a2 a9 85 48 c7 c7 12 f1 a>
RSP: 0018:ff7eb1a3417a7ae0 EFLAGS: 00010286 RAX: 0000000000000000 RBX:
0000000000000002 RCX: 0000000000000000 RDX: 0000000000000002 RSI:
ffffffff85ac2bff RDI: 00000000ffffffff RBP: ff7eb1a3417a7b80 R08:
0000000000000000 R09: 00000000ffffbfff R10: ff7eb1a3417a7978 R11:
ff32b80f7fd2e568 R12: 0000000000000000 R13: 0000000000000000 R14:
0000000000000000 R15: ff32b7f02c50e0d8 FS: 0000000000000000(0000)
GS:ff32b80efe800000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000
CR0: 0000000080050033 CR2: 000055b5852cc000 CR3: 000000003c43a004 CR4:
0000000000771ef0 DR0: 0000000000000000 DR1: 0000000000000000 DR2:
0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7:
0000000000000400 PKRU: 55555554 Call Trace: <TASK> ? __warn+0x84/0x170 ?
__mutex_lock+0x773/0xd40 ? report_bug+0x1c7/0x1d0 ?
prb_read_valid+0x1b/0x30 ? handle_bug+0x42/0x70 ? exc_invalid_op+0x18/0x70
? asm_exc_invalid_op+0x1a/0x20 ? __mutex_lock+0x773/0xd40 ?
rcu_is_watching+0x11/0x50 ? __kmalloc_node_track_caller+0x346/0x490 ?
ice_dpll_lock_status_get+0x28/0x50 [ice] ?
__pfx_ice_dpll_lock_status_get+0x10/0x10 [ice] ?
ice_dpll_lock_status_get+0x28/0x50 [ice] ice_dpll_lock_status_get+0x28/0x50
[ice] dpll_device_get_one+0x14f/0x2e0 dpll_device_event_send+0x7d/0x150
dpll_device_register+0x124/0x180 ice_dpll_init_dpll+0x7b/0xd0 [ice]
ice_dpll_init+0x224/0xa40 [ice] ? _dev_info+0x70/0x90 ice_load+0x468/0x690
[ice] ice_probe+0x75b/0xa10 [ice] ? _raw_spin_unlock_irqrestore+0x4f/0x80 ?
process_one_work+0x1a3/0x500 local_pci_probe+0x47/0xa0
work_for_cpu_fn+0x17/0x30 process_one_work+0x20d/0x500
worker_thread+0x1df/0x3e0 ? __pfx_worker_thread+0x10/0x10
kthread+0x103/0x140 ? __pfx_kthread+0x10/0x10 ret_from_fork+0x31/0x50 ?
__pfx_kthread+0x10/0x10 ret_from_fork_asm+0x1b/0x30 </TASK> irq event
stamp: 125197 hardirqs last enabled at (125197): [<ffffffff8416409d>]
finish_task_switch.isra.0+0x12d/0x3d0 hardirqs last disabled at (125196):
[<ffffffff85134044>] __schedule+0xea4/0x19f0 softirqs last enabled at
(105334): [<ffffffff84e1e65a>] napi_get_frags_check+0x1a/0x60 softirqs last
disabled at (105332): [<ffffffff84e1e65a>] napi_get_frags_check+0x1a/0x60
—[ end trace 0000000000000000 ]—
git.kernel.org/linus/9224fc86f1776193650a33a275cac628952f80a9 (6.8)
git.kernel.org/stable/c/9224fc86f1776193650a33a275cac628952f80a9
git.kernel.org/stable/c/db29ceff3e25c48907016da456a7cbee6310fd83
launchpad.net/bugs/cve/CVE-2024-26854
nvd.nist.gov/vuln/detail/CVE-2024-26854
security-tracker.debian.org/tracker/CVE-2024-26854
www.cve.org/CVERecord?id=CVE-2024-26854