In the Linux kernel, the following vulnerability has been resolved: dpll:
fix dpll_pin_on_pin_register() for multiple parent pins In scenario where
pin is registered with multiple parent pins via
dpll_pin_on_pin_register(…), all belonging to the same dpll device. A
second call to dpll_pin_on_pin_unregister(…) would cause a call trace, as
it tries to use already released registration resources (due to fix
introduced in b446631f355e). In this scenario pin was registered twice, so
resources are not yet expected to be release until each registered pin/pin
pair is unregistered. Currently, the following crash/call trace is produced
when ice driver is removed on the system with installed E810T NIC which
includes dpll device: WARNING: CPU: 51 PID: 9155 at
drivers/dpll/dpll_core.c:809 dpll_pin_ops+0x20/0x30 RIP:
0010:dpll_pin_ops+0x20/0x30 Call Trace: ? __warn+0x7f/0x130 ?
dpll_pin_ops+0x20/0x30 dpll_msg_add_pin_freq+0x37/0x1d0
dpll_cmd_pin_get_one+0x1c0/0x400 ? __nlmsg_put+0x63/0x80
dpll_pin_event_send+0x93/0x140 dpll_pin_on_pin_unregister+0x3f/0x100
ice_dpll_deinit_pins+0xa1/0x230 [ice] ice_remove+0xf1/0x210 [ice] Fix by
adding a parent pointer as a cookie when creating a registration, also when
searching for it. For the regular pins pass NULL, this allows to create
separated registration for each parent the pin is registered with.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 24.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-azure | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-gcp | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-gke | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-ibm | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-intel | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-lowlatency | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-nvidia | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-oem-6.8 | < any | UNKNOWN |
git.kernel.org/linus/38d7b94e81d068b8d8c8392f421cfd2c3bbfd1a6 (6.9-rc6)
git.kernel.org/stable/c/38d7b94e81d068b8d8c8392f421cfd2c3bbfd1a6
git.kernel.org/stable/c/f3e1cf62d18220a3aa97e084e7a3552debece9fc
launchpad.net/bugs/cve/CVE-2024-36002
nvd.nist.gov/vuln/detail/CVE-2024-36002
security-tracker.debian.org/tracker/CVE-2024-36002
www.cve.org/CVERecord?id=CVE-2024-36002