5.5
CVE-2024-35953
- EPSS 0.17%
- Veröffentlicht 20.05.2024 10:15:10
- Zuletzt bearbeitet 10.01.2025 18:11:53
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
accel/ivpu: Fix deadlock in context_xa
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix deadlock in context_xa ivpu_device->context_xa is locked both in kernel thread and IRQ context. It requires XA_FLAGS_LOCK_IRQ flag to be passed during initialization otherwise the lock could be acquired from a thread and interrupted by an IRQ that locks it for the second time causing the deadlock. This deadlock was reported by lockdep and observed in internal tests.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 6.3 < 6.6.28
Linux ≫ Linux Kernel Version >= 6.7 < 6.8.7
Linux ≫ Linux Kernel Version6.9 Updaterc1
Linux ≫ Linux Kernel Version6.9 Updaterc2
Linux ≫ Linux Kernel Version6.9 Updaterc3
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.17% | 0.066 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-667 Improper Locking
The product does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors.
https://git.kernel.org/stable/c/d43e11d9c7fcb16f18bd46ab2556c2772ffc5775
https://git.kernel.org/stable/c/e6011411147209bc0cc14628cbc155356837e52a
https://git.kernel.org/stable/c/fd7726e75968b27fe98534ccbf47ccd6fef686f3