In the Linux kernel, the following vulnerability has been resolved:
net/mlx5: Register devlink first under devlink lock In case device is
having a non fatal FW error during probe, the driver will report the error
to user via devlink. This will trigger a WARN_ON, since mlx5 is calling
devlink_register() last. In order to avoid the WARN_ON[1], change mlx5 to
invoke devl_register() first under devlink lock. [1] WARNING: CPU: 5 PID:
227 at net/devlink/health.c:483
devlink_recover_notify.constprop.0+0xb8/0xc0 CPU: 5 PID: 227 Comm:
kworker/u16:3 Not tainted 6.4.0-rc5_for_upstream_min_debug_2023_06_12_12_38
#1 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS
rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014 Workqueue:
mlx5_health0000:08:00.0 mlx5_fw_reporter_err_work [mlx5_core] RIP:
0010:devlink_recover_notify.constprop.0+0xb8/0xc0 Call Trace: <TASK> ?
__warn+0x79/0x120 ? devlink_recover_notify.constprop.0+0xb8/0xc0 ?
report_bug+0x17c/0x190 ? handle_bug+0x3c/0x60 ? exc_invalid_op+0x14/0x70 ?
asm_exc_invalid_op+0x16/0x20 ? devlink_recover_notify.constprop.0+0xb8/0xc0
devlink_health_report+0x4a/0x1c0 mlx5_fw_reporter_err_work+0xa4/0xd0
[mlx5_core] process_one_work+0x1bb/0x3c0 ? process_one_work+0x3c0/0x3c0
worker_thread+0x4d/0x3c0 ? process_one_work+0x3c0/0x3c0 kthread+0xc6/0xf0 ?
kthread_complete_and_exit+0x20/0x20 ret_from_fork+0x1f/0x30 </TASK>
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 23.10 | noarch | linux | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 14.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 16.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 18.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-aws | < any | UNKNOWN |
git.kernel.org/linus/c6e77aa9dd82bc18a89bf49418f8f7e961cfccc8 (6.9-rc4)
git.kernel.org/stable/c/8c91c60858473731bcdaf04fda99fcbcf84420d4
git.kernel.org/stable/c/967caa3d37c078e5b95a32094657e6a4cad145f0
git.kernel.org/stable/c/c6e77aa9dd82bc18a89bf49418f8f7e961cfccc8
launchpad.net/bugs/cve/CVE-2024-35961
nvd.nist.gov/vuln/detail/CVE-2024-35961
security-tracker.debian.org/tracker/CVE-2024-35961
www.cve.org/CVERecord?id=CVE-2024-35961