In the Linux kernel, the following vulnerability has been resolved:
x86/mce: Make sure to grab mce_sysfs_mutex in set_bank()
Modifying a MCA bank’s MCA_CTL bits which control which error types to
be reported is done over
/sys/devices/system/machinecheck/
??? machinecheck0
? ??? bank0
? ??? bank1
? ??? bank10
? ??? bank11
…
sysfs nodes by writing the new bit mask of events to enable.
When the write is accepted, the kernel deletes all current timers and
reinits all banks.
Doing that in parallel can lead to initializing a timer which is already
armed and in the timer wheel, i.e., in use already:
ODEBUG: init active (active state 0) object: ffff888063a28000 object
type: timer_list hint: mce_timer_fn+0x0/0x240
arch/x86/kernel/cpu/mce/core.c:2642
WARNING: CPU: 0 PID: 8120 at lib/debugobjects.c:514
debug_print_object+0x1a0/0x2a0 lib/debugobjects.c:514
Fix that by grabbing the sysfs mutex as the rest of the MCA sysfs code
does.
Reported by: Yue Sun <[email protected]>
Reported by: xingwei lee <[email protected]>
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 23.10 | noarch | linux | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 14.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 16.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 18.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-aws | < any | UNKNOWN |
git.kernel.org/linus/3ddf944b32f88741c303f0b21459dbb3872b8bc5 (6.9-rc3)
git.kernel.org/stable/c/20a915154ccb88da08986ab6c9fc4c1cf6259de2
git.kernel.org/stable/c/32223b0b60d53f49567fc501f91ca076ae96be6b
git.kernel.org/stable/c/3ddf944b32f88741c303f0b21459dbb3872b8bc5
git.kernel.org/stable/c/5a02df3e92470efd589712925b5c722e730276a0
git.kernel.org/stable/c/976b1b2680fb4c01aaf05a0623288d87619a6c93
git.kernel.org/stable/c/f5e65b782f3e07324b9a8fa3cdaee422f057c758
git.kernel.org/stable/c/f860595512ff5c05a29fa4d64169c3fd1186b8cf
launchpad.net/bugs/cve/CVE-2024-35876
nvd.nist.gov/vuln/detail/CVE-2024-35876
security-tracker.debian.org/tracker/CVE-2024-35876
www.cve.org/CVERecord?id=CVE-2024-35876