CVE-2024-26650

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-26650
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVSS

No CVSS.

References

No reference.

Configurations

No configuration.

History

23 May 2024, 14:15

Type Values Removed Values Added
References
  • {'url': 'https://git.kernel.org/stable/c/2841631a03652f32b595c563695d0461072e0de4', 'source': '416baaa9-dc9f-4396-8d5f-8c081fb06d67'}
  • {'url': 'https://git.kernel.org/stable/c/5913320eb0b3ec88158cfcb0fa5e996bf4ef681b', 'source': '416baaa9-dc9f-4396-8d5f-8c081fb06d67'}
  • {'url': 'https://git.kernel.org/stable/c/847e1eb30e269a094da046c08273abe3f3361cf2', 'source': '416baaa9-dc9f-4396-8d5f-8c081fb06d67'}
  • {'url': 'https://git.kernel.org/stable/c/d281ac9a987c553d93211b90fd4fe97d8eca32cd', 'source': '416baaa9-dc9f-4396-8d5f-8c081fb06d67'}
Summary
  • (es) En el kernel de Linux, se resolvió la siguiente vulnerabilidad: plataforma/x86: p2sb: permitir llamadas a p2sb_bar() durante la sonda del dispositivo PCI p2sb_bar() muestra el dispositivo P2SB para obtener recursos del dispositivo. Protege la operación bloqueando pci_rescan_remove_lock para que los rescaneos paralelos no encuentren el dispositivo P2SB. Sin embargo, este bloqueo provoca un interbloqueo cuando /sys/bus/pci/rescan activa la nueva exploración del bus PCI. La nueva exploración bloquea pci_rescan_remove_lock y sondea los dispositivos PCI. Cuando los dispositivos PCI llaman a p2sb_bar() durante la prueba, bloquea pci_rescan_remove_lock nuevamente. De ahí el punto muerto. Para evitar el punto muerto, no bloquee pci_rescan_remove_lock en p2sb_bar(). En su lugar, realice el bloqueo en fs_initcall. Introduzca p2sb_cache_resources() para fs_initcall que obtiene y almacena en caché los recursos de P2SB. En p2sb_bar(), consulte el caché y regrese a la persona que llama. Antes de operar el dispositivo en P2SB DEVFN para caché de recursos, verifique que su clase de dispositivo sea PCI_CLASS_MEMORY_OTHER 0x0580 que definen las especificaciones PCH. Esto evita el funcionamiento inesperado de otros dispositivos en el mismo DEVFN. Probado por Klara Modin
Summary (en) In the Linux kernel, the following vulnerability has been resolved: platform/x86: p2sb: Allow p2sb_bar() calls during PCI device probe p2sb_bar() unhides P2SB device to get resources from the device. It guards the operation by locking pci_rescan_remove_lock so that parallel rescans do not find the P2SB device. However, this lock causes deadlock when PCI bus rescan is triggered by /sys/bus/pci/rescan. The rescan locks pci_rescan_remove_lock and probes PCI devices. When PCI devices call p2sb_bar() during probe, it locks pci_rescan_remove_lock again. Hence the deadlock. To avoid the deadlock, do not lock pci_rescan_remove_lock in p2sb_bar(). Instead, do the lock at fs_initcall. Introduce p2sb_cache_resources() for fs_initcall which gets and caches the P2SB resources. At p2sb_bar(), refer the cache and return to the caller. Before operating the device at P2SB DEVFN for resource cache, check that its device class is PCI_CLASS_MEMORY_OTHER 0x0580 that PCH specifications define. This avoids unexpected operation to other devices at the same DEVFN. Tested-by Klara Modin <klarasmodin@gmail.com> (en) Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

26 Mar 2024, 18:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-03-26 18:15

Updated : 2024-05-23 14:15

NVD link : CVE-2024-26650

Mitre link : CVE-2024-26650

CVE.ORG link : CVE-2024-26650

JSON object : View

Products Affected

No product.

CWE

No CWE.