CVE - CVE-2024-35819

CVE-ID
CVE-2024-35819	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: soc: fsl: qbman: Use raw spinlock for cgr_lock smp_call_function always runs its callback in hard IRQ context, even on PREEMPT_RT, where spinlocks can sleep. So we need to use a raw spinlock for cgr_lock to ensure we aren't waiting on a sleeping task. Although this bug has existed for a while, it was not apparent until commit ef2a8d5478b9 ("net: dpaa: Adjust queue depth on rate change") which invokes smp_call_function_single via qman_update_cgr_safe every time a link goes up or down.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/2b3fede8225133671ce837c0d284804aa3bc7a02 URL:https://git.kernel.org/stable/c/2b3fede8225133671ce837c0d284804aa3bc7a02 MISC:https://git.kernel.org/stable/c/32edca2f03a6cc42c650ddc3ad83d086e3f365d1 URL:https://git.kernel.org/stable/c/32edca2f03a6cc42c650ddc3ad83d086e3f365d1 MISC:https://git.kernel.org/stable/c/54d26adf64c04f186098b39dba86b86037084baa URL:https://git.kernel.org/stable/c/54d26adf64c04f186098b39dba86b86037084baa MISC:https://git.kernel.org/stable/c/9a3ca8292ce9fdcce122706c28c3f07bc857fe5e URL:https://git.kernel.org/stable/c/9a3ca8292ce9fdcce122706c28c3f07bc857fe5e MISC:https://git.kernel.org/stable/c/cd53a8ae5aacb4ecd25088486dea1cd02e74b506 URL:https://git.kernel.org/stable/c/cd53a8ae5aacb4ecd25088486dea1cd02e74b506 MISC:https://git.kernel.org/stable/c/d6b5aac451c9cc12e43ab7308e0e2ddc52c62c14 URL:https://git.kernel.org/stable/c/d6b5aac451c9cc12e43ab7308e0e2ddc52c62c14 MISC:https://git.kernel.org/stable/c/f39d36b7540cf0088ed7ce2de2794f2aa237f6df URL:https://git.kernel.org/stable/c/f39d36b7540cf0088ed7ce2de2794f2aa237f6df MISC:https://git.kernel.org/stable/c/fbec4e7fed89b579f2483041fabf9650fb0dd6bc URL:https://git.kernel.org/stable/c/fbec4e7fed89b579f2483041fabf9650fb0dd6bc MISC:https://git.kernel.org/stable/c/ff50716b7d5b7985979a5b21163cd79fb3d21d59 URL:https://git.kernel.org/stable/c/ff50716b7d5b7985979a5b21163cd79fb3d21d59 MLIST:[debian-lts-announce] 20240625 [SECURITY] [DLA 3842-1] linux-5.10 security update URL:https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html MLIST:[debian-lts-announce] 20240627 [SECURITY] [DLA 3840-1] linux security update URL:https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
Assigning CNA
kernel.org
Date Record Created
20240517	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20240517)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)