In the Linux kernel, the following vulnerability has been resolved: ALSA:
timer: Set lower bound of start tick time Currently ALSA timer doesn’t have
the lower limit of the start tick time, and it allows a very small size,
e.g. 1 tick with 1ns resolution for hrtimer. Such a situation may lead to
an unexpected RCU stall, where the callback repeatedly queuing the expire
update, as reported by fuzzer. This patch introduces a sanity check of the
timer start tick time, so that the system returns an error when a too small
start size is set. As of this patch, the lower limit is hard-coded to
100us, which is small enough but can still work somehow.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 20.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws-5.15 | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-aws-6.5 | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-azure | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-azure | < any | UNKNOWN |
git.kernel.org/linus/4a63bd179fa8d3fcc44a0d9d71d941ddd62f0c4e (6.10-rc1)
git.kernel.org/stable/c/2c95241ac5fc90c929d6c0c023e84bf0d30e84c3
git.kernel.org/stable/c/4a63bd179fa8d3fcc44a0d9d71d941ddd62f0c4e
git.kernel.org/stable/c/68396c825c43664b20a3a1ba546844deb2b4e48f
git.kernel.org/stable/c/74bfb8d90f2601718ae203faf45a196844c01fa1
git.kernel.org/stable/c/83f0ba8592b9e258fd80ac6486510ab1dcd7ad6e
git.kernel.org/stable/c/abb1ad69d98cf1ff25bb14fff0e7c3f66239e1cd
git.kernel.org/stable/c/bdd0aa055b8ec7e24bbc19513f3231958741d0ab
git.kernel.org/stable/c/ceab795a67dd28dd942d0d8bba648c6c0f7a044b
launchpad.net/bugs/cve/CVE-2024-38618
nvd.nist.gov/vuln/detail/CVE-2024-38618
security-tracker.debian.org/tracker/CVE-2024-38618
www.cve.org/CVERecord?id=CVE-2024-38618