In the Linux kernel, the following vulnerability has been resolved:
platform/x86: p2sb: Allow p2sb_bar() calls during PCI device probe
p2sb_bar() unhides P2SB device to get resources from the device. It guards
the operation by locking pci_rescan_remove_lock so that parallel rescans do
not find the P2SB device. However, this lock causes deadlock when PCI bus
rescan is triggered by /sys/bus/pci/rescan. The rescan locks
pci_rescan_remove_lock and probes PCI devices. When PCI devices call
p2sb_bar() during probe, it locks pci_rescan_remove_lock again. Hence the
deadlock. To avoid the deadlock, do not lock pci_rescan_remove_lock in
p2sb_bar(). Instead, do the lock at fs_initcall. Introduce
p2sb_cache_resources() for fs_initcall which gets and caches the P2SB
resources. At p2sb_bar(), refer the cache and return to the caller. Before
operating the device at P2SB DEVFN for resource cache, check that its
device class is PCI_CLASS_MEMORY_OTHER 0x0580 that PCH specifications
define. This avoids unexpected operation to other devices at the same
DEVFN. Tested-by Klara Modin <[email protected]>
Author | Note |
---|---|
rodrigo-zaiden | USN-6765-1 for linux-oem-6.5 wrongly stated that this CVE was fixed in version 6.5.0-1022.23. The mentioned notice was revoked and the state of the fix for linux-oem-6.5 was recovered to the previous state. |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 23.10 | noarch | linux | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 14.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 16.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 18.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-aws | < any | UNKNOWN |
git.kernel.org/linus/5913320eb0b3ec88158cfcb0fa5e996bf4ef681b (6.8-rc2)
git.kernel.org/stable/c/2841631a03652f32b595c563695d0461072e0de4
git.kernel.org/stable/c/5913320eb0b3ec88158cfcb0fa5e996bf4ef681b
git.kernel.org/stable/c/847e1eb30e269a094da046c08273abe3f3361cf2
git.kernel.org/stable/c/d281ac9a987c553d93211b90fd4fe97d8eca32cd
launchpad.net/bugs/cve/CVE-2024-26650
nvd.nist.gov/vuln/detail/CVE-2024-26650
security-tracker.debian.org/tracker/CVE-2024-26650
www.cve.org/CVERecord?id=CVE-2024-26650