{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2024-27030", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-02-19T14:20:24.211Z", "datePublished": "2024-05-01T12:53:25.954Z", "dateUpdated": "2024-11-05T09:20:17.352Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-05T09:20:17.352Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-af: Use separate handlers for interrupts\n\nFor PF to AF interrupt vector and VF to AF vector same\ninterrupt handler is registered which is causing race condition.\nWhen two interrupts are raised to two CPUs at same time\nthen two cores serve same event corrupting the data."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/ethernet/marvell/octeontx2/af/rvu.c"], "versions": [{"version": "7304ac4567bc", "lessThan": "94cb17e5cf3a", "status": "affected", "versionType": "git"}, {"version": "7304ac4567bc", "lessThan": "766c2627acb2", "status": "affected", "versionType": "git"}, {"version": "7304ac4567bc", "lessThan": "772f18ded0e2", "status": "affected", "versionType": "git"}, {"version": "7304ac4567bc", "lessThan": "29d2550d79a8", "status": "affected", "versionType": "git"}, {"version": "7304ac4567bc", "lessThan": "dc29dd00705a", "status": "affected", "versionType": "git"}, {"version": "7304ac4567bc", "lessThan": "ad6759e233db", "status": "affected", "versionType": "git"}, {"version": "7304ac4567bc", "lessThan": "4fedae8f9eaf", "status": "affected", "versionType": "git"}, {"version": "7304ac4567bc", "lessThan": "50e60de381c3", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/ethernet/marvell/octeontx2/af/rvu.c"], "versions": [{"version": "4.20", "status": "affected"}, {"version": "0", "lessThan": "4.20", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.273", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.214", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.153", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.83", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.23", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.7.11", "lessThanOrEqual": "6.7.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.8.2", "lessThanOrEqual": "6.8.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.9", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/94cb17e5cf3a3c484063abc0ce4b8a2b2e8c1cb2"}, {"url": "https://git.kernel.org/stable/c/766c2627acb2d9d1722cce2e24837044d52d888a"}, {"url": "https://git.kernel.org/stable/c/772f18ded0e240cc1fa2b7020cc640e3e5c32b70"}, {"url": "https://git.kernel.org/stable/c/29d2550d79a8cbd31e0fbaa5c0e2a2efdc444e44"}, {"url": "https://git.kernel.org/stable/c/dc29dd00705a62c77de75b6d752259b869aac49d"}, {"url": "https://git.kernel.org/stable/c/ad6759e233db6fcc131055f8e23b4eafbe81053c"}, {"url": "https://git.kernel.org/stable/c/4fedae8f9eafa2ac8cdaca58e315f52a7e2a8701"}, {"url": "https://git.kernel.org/stable/c/50e60de381c342008c0956fd762e1c26408f372c"}], "title": "octeontx2-af: Use separate handlers for interrupts", "x_generator": {"engine": "bippy-9e1c9544281a"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:21:05.937Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/94cb17e5cf3a3c484063abc0ce4b8a2b2e8c1cb2", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/766c2627acb2d9d1722cce2e24837044d52d888a", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/772f18ded0e240cc1fa2b7020cc640e3e5c32b70", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/29d2550d79a8cbd31e0fbaa5c0e2a2efdc444e44", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/dc29dd00705a62c77de75b6d752259b869aac49d", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ad6759e233db6fcc131055f8e23b4eafbe81053c", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/4fedae8f9eafa2ac8cdaca58e315f52a7e2a8701", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/50e60de381c342008c0956fd762e1c26408f372c", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-27030", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:44:21.007612Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:33:33.167Z"}}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/94cb17e5cf3a3c484063abc0ce4b8a2b2e8c1cb2", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/766c2627acb2d9d1722cce2e24837044d52d888a", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/772f18ded0e240cc1fa2b7020cc640e3e5c32b70", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/29d2550d79a8cbd31e0fbaa5c0e2a2efdc444e44", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/dc29dd00705a62c77de75b6d752259b869aac49d", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ad6759e233db6fcc131055f8e23b4eafbe81053c", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/4fedae8f9eafa2ac8cdaca58e315f52a7e2a8701", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/50e60de381c342008c0956fd762e1c26408f372c", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:21:05.937Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-27030", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:44:21.007612Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:17.285Z"}}], "cna": {"title": "octeontx2-af: Use separate handlers for interrupts", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "7304ac4567bc", "lessThan": "94cb17e5cf3a", "versionType": "git"}, {"status": "affected", "version": "7304ac4567bc", "lessThan": "766c2627acb2", "versionType": "git"}, {"status": "affected", "version": "7304ac4567bc", "lessThan": "772f18ded0e2", "versionType": "git"}, {"status": "affected", "version": "7304ac4567bc", "lessThan": "29d2550d79a8", "versionType": "git"}, {"status": "affected", "version": "7304ac4567bc", "lessThan": "dc29dd00705a", "versionType": "git"}, {"status": "affected", "version": "7304ac4567bc", "lessThan": "ad6759e233db", "versionType": "git"}, {"status": "affected", "version": "7304ac4567bc", "lessThan": "4fedae8f9eaf", "versionType": "git"}, {"status": "affected", "version": "7304ac4567bc", "lessThan": "50e60de381c3", "versionType": "git"}], "programFiles": ["drivers/net/ethernet/marvell/octeontx2/af/rvu.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "4.20"}, {"status": "unaffected", "version": "0", "lessThan": "4.20", "versionType": "semver"}, {"status": "unaffected", "version": "5.4.273", "versionType": "semver", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.214", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.153", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.83", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.23", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.7.11", "versionType": "semver", "lessThanOrEqual": "6.7.*"}, {"status": "unaffected", "version": "6.8.2", "versionType": "semver", "lessThanOrEqual": "6.8.*"}, {"status": "unaffected", "version": "6.9", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/net/ethernet/marvell/octeontx2/af/rvu.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/94cb17e5cf3a3c484063abc0ce4b8a2b2e8c1cb2"}, {"url": "https://git.kernel.org/stable/c/766c2627acb2d9d1722cce2e24837044d52d888a"}, {"url": "https://git.kernel.org/stable/c/772f18ded0e240cc1fa2b7020cc640e3e5c32b70"}, {"url": "https://git.kernel.org/stable/c/29d2550d79a8cbd31e0fbaa5c0e2a2efdc444e44"}, {"url": "https://git.kernel.org/stable/c/dc29dd00705a62c77de75b6d752259b869aac49d"}, {"url": "https://git.kernel.org/stable/c/ad6759e233db6fcc131055f8e23b4eafbe81053c"}, {"url": "https://git.kernel.org/stable/c/4fedae8f9eafa2ac8cdaca58e315f52a7e2a8701"}, {"url": "https://git.kernel.org/stable/c/50e60de381c342008c0956fd762e1c26408f372c"}], "x_generator": {"engine": "bippy-9e1c9544281a"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-af: Use separate handlers for interrupts\n\nFor PF to AF interrupt vector and VF to AF vector same\ninterrupt handler is registered which is causing race condition.\nWhen two interrupts are raised to two CPUs at same time\nthen two cores serve same event corrupting the data."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-05T09:20:17.352Z"}}}, "cveMetadata": {"cveId": "CVE-2024-27030", "state": "PUBLISHED", "dateUpdated": "2024-11-05T09:20:17.352Z", "dateReserved": "2024-02-19T14:20:24.211Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-05-01T12:53:25.954Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-af: Use separate handlers for interrupts\n\nFor PF to AF interrupt vector and VF to AF vector same\ninterrupt handler is registered which is causing race condition.\nWhen two interrupts are raised to two CPUs at same time\nthen two cores serve same event corrupting the data."}, {"lang": "es", "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: octeontx2-af: utilice controladores separados para las interrupciones. Para el vector de interrupci\u00f3n PF a AF y el vector VF a AF, se registra el mismo controlador de interrupciones, lo que provoca la condici\u00f3n de ejecuci\u00f3n. Cuando se generan dos interrupciones en dos CPU al mismo tiempo, dos n\u00facleos atienden el mismo evento y corrompen los datos."}], "id": "CVE-2024-27030", "lastModified": "2024-11-21T09:03:42.103", "metrics": {}, "published": "2024-05-01T13:15:49.137", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/29d2550d79a8cbd31e0fbaa5c0e2a2efdc444e44"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/4fedae8f9eafa2ac8cdaca58e315f52a7e2a8701"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/50e60de381c342008c0956fd762e1c26408f372c"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/766c2627acb2d9d1722cce2e24837044d52d888a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/772f18ded0e240cc1fa2b7020cc640e3e5c32b70"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/94cb17e5cf3a3c484063abc0ce4b8a2b2e8c1cb2"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/ad6759e233db6fcc131055f8e23b4eafbe81053c"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/dc29dd00705a62c77de75b6d752259b869aac49d"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/29d2550d79a8cbd31e0fbaa5c0e2a2efdc444e44"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/4fedae8f9eafa2ac8cdaca58e315f52a7e2a8701"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/50e60de381c342008c0956fd762e1c26408f372c"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/766c2627acb2d9d1722cce2e24837044d52d888a"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/772f18ded0e240cc1fa2b7020cc640e3e5c32b70"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/94cb17e5cf3a3c484063abc0ce4b8a2b2e8c1cb2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/ad6759e233db6fcc131055f8e23b4eafbe81053c"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/dc29dd00705a62c77de75b6d752259b869aac49d"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"affected_release": [{"advisory": "RHSA-2024:4928", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-427.28.1.el9_4", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-07-31T00:00:00Z"}, {"advisory": "RHSA-2024:4928", "cpe": "cpe:/o:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-427.28.1.el9_4", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-07-31T00:00:00Z"}, {"advisory": "RHSA-2024:5066", "cpe": "cpe:/a:redhat:rhel_eus:9.2", "package": "kernel-0:5.14.0-284.77.1.el9_2", "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date": "2024-08-07T00:00:00Z"}, {"advisory": "RHSA-2024:5067", "cpe": "cpe:/a:redhat:rhel_eus:9.2::nfv", "package": "kernel-rt-0:5.14.0-284.77.1.rt14.362.el9_2", "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date": "2024-08-07T00:00:00Z"}], "bugzilla": {"description": "kernel: octeontx2-af: race condition on interupts", "id": "2278473", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278473"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.8", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H", "status": "verified"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\nocteontx2-af: Use separate handlers for interrupts\nFor PF to AF interrupt vector and VF to AF vector same\ninterrupt handler is registered which is causing race condition.\nWhen two interrupts are raised to two CPUs at same time\nthen two cores serve same event corrupting the data.", "A race condition vulnerability was found in the Linux kernel. When AF and PF interrupts are raised at the same time in the CPU, two cores serve same event, corrupting the data."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-27030", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-01T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-27030\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-27030\nhttps://lore.kernel.org/linux-cve-announce/2024050110-CVE-2024-27030-d75a@gregkh/T"], "threat_severity": "Moderate", "upstream_fix": "kernel 5.4.273, kernel 5.10.214, kernel 5.15.153, kernel 6.1.83, kernel 6.6.23, kernel 6.7.11, kernel 6.8.2, kernel 6.9-rc1"}