5.5

CVE-2024-46832

MIPS: cevt-r4k: Don't call get_c0_compare_int if timer irq is installed

In the Linux kernel, the following vulnerability has been resolved:

MIPS: cevt-r4k: Don't call get_c0_compare_int if timer irq is installed

This avoids warning:

[    0.118053] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:283

Caused by get_c0_compare_int on secondary CPU.

We also skipped saving IRQ number to struct clock_event_device *cd as
it's never used by clockevent core, as per comments it's only meant
for "non CPU local devices".
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 5.10.226
LinuxLinux Kernel Version >= 5.11 < 5.15.167
LinuxLinux Kernel Version >= 5.16 < 6.1.110
LinuxLinux Kernel Version >= 6.2 < 6.6.51
LinuxLinux Kernel Version >= 6.7 < 6.10.10
LinuxLinux Kernel Version6.11 Updaterc1
LinuxLinux Kernel Version6.11 Updaterc2
LinuxLinux Kernel Version6.11 Updaterc3
LinuxLinux Kernel Version6.11 Updaterc4
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.24% 0.145
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/189d3ed3b25beee26ffe2abed278208bece13f52
Patch
https://git.kernel.org/stable/c/32ee0520159f1e8c2d6597c19690df452c528f30
Patch
https://git.kernel.org/stable/c/50f2b98dc83de7809a5c5bf0ccf9af2e75c37c13
Patch
https://git.kernel.org/stable/c/b1d2051373bfc65371ce4ac8911ed984d0178c98
Patch
https://git.kernel.org/stable/c/d3ff0f98a52f0aafe35aa314d1c442f4318be3db
Patch
https://git.kernel.org/stable/c/e6cd871627abbb459d0ff6521d6bb9cf9d9f7522
Patch
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html