Lucene search

Ubuntu.comUB:CVE-2024-26854

HistoryApr 17, 2024 - 12:00 a.m.

CVE-2024-26854

2024-04-1700:00:00

ubuntu.com

linux kernel

vulnerability

ice

dplls

mutex

warning

pcie

ptp

init

cpu

hardware

bios

workqueue

acpi

error

path

modules

linked

gb/s

bandwith

rip

code

irq

event

stamp

hardirqs

softirqs

trace

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

6.6

Confidence

High

EPSS

Percentile

9.0%

JSON

In the Linux kernel, the following vulnerability has been resolved: ice:
fix uninitialized dplls mutex usage The pf->dplls.lock mutex is initialized
too late, after its first use. Move it to the top of ice_dpll_init. Note
that the “err_exit” error path destroys the mutex. And the mutex is the
last thing destroyed in ice_dpll_deinit. This fixes the following warning
with CONFIG_DEBUG_MUTEXES: ice 0000:10:00.0: The DDP package was
successfully loaded: ICE OS Default Package version 1.3.36.0 ice
0000:10:00.0: 252.048 Gb/s available PCIe bandwidth (16.0 GT/s PCIe x16
link) ice 0000:10:00.0: PTP init successful ------------[ cut here
]------------ DEBUG_LOCKS_WARN_ON(lock->magic != lock) WARNING: CPU: 0 PID:
410 at kernel/locking/mutex.c:587 __mutex_lock+0x773/0xd40 Modules linked
in: crct10dif_pclmul crc32_pclmul crc32c_intel polyval_clmulni
polyval_generic ice(+) nvme nvme_c> CPU: 0 PID: 410 Comm: kworker/0:4 Not
tainted 6.8.0-rc5+ #3 Hardware name: HPE ProLiant DL110 Gen10 Plus/ProLiant
DL110 Gen10 Plus, BIOS U56 10/19/2023 Workqueue: events work_for_cpu_fn
RIP: 0010:__mutex_lock+0x773/0xd40 Code: c0 0f 84 1d f9 ff ff 44 8b 35 0d
9c 69 01 45 85 f6 0f 85 0d f9 ff ff 48 c7 c6 12 a2 a9 85 48 c7 c7 12 f1 a>
RSP: 0018:ff7eb1a3417a7ae0 EFLAGS: 00010286 RAX: 0000000000000000 RBX:
0000000000000002 RCX: 0000000000000000 RDX: 0000000000000002 RSI:
ffffffff85ac2bff RDI: 00000000ffffffff RBP: ff7eb1a3417a7b80 R08:
0000000000000000 R09: 00000000ffffbfff R10: ff7eb1a3417a7978 R11:
ff32b80f7fd2e568 R12: 0000000000000000 R13: 0000000000000000 R14:
0000000000000000 R15: ff32b7f02c50e0d8 FS: 0000000000000000(0000)
GS:ff32b80efe800000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000
CR0: 0000000080050033 CR2: 000055b5852cc000 CR3: 000000003c43a004 CR4:
0000000000771ef0 DR0: 0000000000000000 DR1: 0000000000000000 DR2:
0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7:
0000000000000400 PKRU: 55555554 Call Trace: <TASK> ? __warn+0x84/0x170 ?
__mutex_lock+0x773/0xd40 ? report_bug+0x1c7/0x1d0 ?
prb_read_valid+0x1b/0x30 ? handle_bug+0x42/0x70 ? exc_invalid_op+0x18/0x70
? asm_exc_invalid_op+0x1a/0x20 ? __mutex_lock+0x773/0xd40 ?
rcu_is_watching+0x11/0x50 ? __kmalloc_node_track_caller+0x346/0x490 ?
ice_dpll_lock_status_get+0x28/0x50 [ice] ?
__pfx_ice_dpll_lock_status_get+0x10/0x10 [ice] ?
ice_dpll_lock_status_get+0x28/0x50 [ice] ice_dpll_lock_status_get+0x28/0x50
[ice] dpll_device_get_one+0x14f/0x2e0 dpll_device_event_send+0x7d/0x150
dpll_device_register+0x124/0x180 ice_dpll_init_dpll+0x7b/0xd0 [ice]
ice_dpll_init+0x224/0xa40 [ice] ? _dev_info+0x70/0x90 ice_load+0x468/0x690
[ice] ice_probe+0x75b/0xa10 [ice] ? _raw_spin_unlock_irqrestore+0x4f/0x80 ?
process_one_work+0x1a3/0x500 local_pci_probe+0x47/0xa0
work_for_cpu_fn+0x17/0x30 process_one_work+0x20d/0x500
worker_thread+0x1df/0x3e0 ? __pfx_worker_thread+0x10/0x10
kthread+0x103/0x140 ? __pfx_kthread+0x10/0x10 ret_from_fork+0x31/0x50 ?
__pfx_kthread+0x10/0x10 ret_from_fork_asm+0x1b/0x30 </TASK> irq event
stamp: 125197 hardirqs last enabled at (125197): [<ffffffff8416409d>]
finish_task_switch.isra.0+0x12d/0x3d0 hardirqs last disabled at (125196):
[<ffffffff85134044>] __schedule+0xea4/0x19f0 softirqs last enabled at
(105334): [<ffffffff84e1e65a>] napi_get_frags_check+0x1a/0x60 softirqs last
disabled at (105332): [<ffffffff84e1e65a>] napi_get_frags_check+0x1a/0x60
—[ end trace 0000000000000000 ]—