CVE-2024-38594

EPSS 0.07%
Veröffentlicht 19.06.2024 14:15:19
Zuletzt bearbeitet 21.11.2024 09:26:26
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

net: stmmac: move the EST lock to struct stmmac_priv

Reinitialize the whole EST structure would also reset the mutex
lock which is embedded in the EST structure, and then trigger
the following warning. To address this, move the lock to struct
stmmac_priv. We also need to reacquire the mutex lock when doing
this initialization.

DEBUG_LOCKS_WARN_ON(lock->magic != lock)
WARNING: CPU: 3 PID: 505 at kernel/locking/mutex.c:587 __mutex_lock+0xd84/0x1068
 Modules linked in:
 CPU: 3 PID: 505 Comm: tc Not tainted 6.9.0-rc6-00053-g0106679839f7-dirty #29
 Hardware name: NXP i.MX8MPlus EVK board (DT)
 pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)
 pc : __mutex_lock+0xd84/0x1068
 lr : __mutex_lock+0xd84/0x1068
 sp : ffffffc0864e3570
 x29: ffffffc0864e3570 x28: ffffffc0817bdc78 x27: 0000000000000003
 x26: ffffff80c54f1808 x25: ffffff80c9164080 x24: ffffffc080d723ac
 x23: 0000000000000000 x22: 0000000000000002 x21: 0000000000000000
 x20: 0000000000000000 x19: ffffffc083bc3000 x18: ffffffffffffffff
 x17: ffffffc08117b080 x16: 0000000000000002 x15: ffffff80d2d40000
 x14: 00000000000002da x13: ffffff80d2d404b8 x12: ffffffc082b5a5c8
 x11: ffffffc082bca680 x10: ffffffc082bb2640 x9 : ffffffc082bb2698
 x8 : 0000000000017fe8 x7 : c0000000ffffefff x6 : 0000000000000001
 x5 : ffffff8178fe0d48 x4 : 0000000000000000 x3 : 0000000000000027
 x2 : ffffff8178fe0d50 x1 : 0000000000000000 x0 : 0000000000000000
 Call trace:
  __mutex_lock+0xd84/0x1068
  mutex_lock_nested+0x28/0x34
  tc_setup_taprio+0x118/0x68c
  stmmac_setup_tc+0x50/0xf0
  taprio_change+0x868/0xc9c

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 7

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < b538fefeb1026aad9dcdcbb410c42b56dff8aae9

Version b2aae654a4794ef898ad33a179f341eb610f6b85

Status affected

Version < 487f9030b1ef34bab123f2df2a4ccbe01ba84416

Version b2aae654a4794ef898ad33a179f341eb610f6b85

Status affected

Version < 6f476aff2d8da1a189621c4c16a76a6c534e4312

Version b2aae654a4794ef898ad33a179f341eb610f6b85

Status affected

Version < 36ac9e7f2e5786bd37c5cd91132e1f39c29b8197

Version b2aae654a4794ef898ad33a179f341eb610f6b85

Status affected

Version b2091d47a14e8e6b3f03d792c1b25255d60b3219

Status affected

Version 5ce4cc16d47186f0b76254e6f27beea25bafc1d9

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 5.14

Status affected

Version < 5.14

Version 0

Status unaffected

Version <= 6.6.*

Version 6.6.55

Status unaffected

Version <= 6.8.*

Version 6.8.12

Status unaffected

Version <= 6.9.*

Version 6.9.3

Status unaffected

Version <= *

Version 6.10

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.07%	0.209

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/36ac9e7f2e5786bd37c5cd91132e1f39c29b8197

https://git.kernel.org/stable/c/487f9030b1ef34bab123f2df2a4ccbe01ba84416

https://git.kernel.org/stable/c/6f476aff2d8da1a189621c4c16a76a6c534e4312

https://git.kernel.org/stable/c/b538fefeb1026aad9dcdcbb410c42b56dff8aae9

https://nvd.nist.gov/vuln/detail/CVE-2024-38594

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-38594

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-38594

EUVD