In the Linux kernel, the following vulnerability has been resolved:

vfio/pci: Disable auto-enable of exclusive INTx IRQ

Currently for devices requiring masking at the irqchip for INTx, ie.
devices without DisINTx support, the IRQ is enabled in request_irq()
and subsequently disabled as necessary to align with the masked status
flag. This presents a window where the interrupt could fire between
these events, resulting in the IRQ incrementing the disable depth twice.
This would be unrecoverable for a user since the masked flag prevents
nested enables through vfio.

Instead, invert the logic using IRQF_NO_AUTOEN such that exclusive INTx
is never auto-enabled, then unmask as required.
Advisories
Source ID Title
Debian DLA Debian DLA DLA-3842-1 linux-5.10 security update
Debian DSA Debian DSA DSA-5658-1 linux security update
Debian DSA Debian DSA DSA-5681-1 linux security update
Ubuntu USN Ubuntu USN USN-6816-1 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-6817-1 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-6817-2 Linux kernel (OEM) vulnerabilities
Ubuntu USN Ubuntu USN USN-6817-3 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-6878-1 Linux kernel (Oracle) vulnerabilities
Ubuntu USN Ubuntu USN USN-6896-1 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-6896-2 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-6896-3 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-6896-4 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-6896-5 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-6898-1 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-6898-2 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-6898-3 Linux kernel kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-6898-4 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-6917-1 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-6919-1 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-6927-1 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-7019-1 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-7028-1 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-7028-2 Linux kernel (Azure) vulnerabilities
Ubuntu USN Ubuntu USN USN-7039-1 Linux kernel vulnerabilities
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Thu, 27 Mar 2025 22:00:00 +0000

Type Values Removed Values Added
First Time appeared Debian
Debian debian Linux
Linux
Linux linux Kernel
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Debian
Debian debian Linux
Linux
Linux linux Kernel
Metrics cvssV3_1

{'score': 4.4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H'}

cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}


Fri, 22 Nov 2024 12:00:00 +0000

Type Values Removed Values Added
References

Wed, 13 Nov 2024 02:45:00 +0000

Type Values Removed Values Added
First Time appeared Redhat
Redhat enterprise Linux
CPEs cpe:/a:redhat:enterprise_linux:9
cpe:/o:redhat:enterprise_linux:9
Vendors & Products Redhat
Redhat enterprise Linux

Tue, 05 Nov 2024 10:45:00 +0000

Type Values Removed Values Added
References

cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2025-05-04T09:05:06.189Z

Reserved: 2024-02-25T13:47:42.687Z

Link: CVE-2024-27437

cve-icon Vulnrichment

Updated: 2024-06-06T19:03:22.219Z

cve-icon NVD

Status : Analyzed

Published: 2024-04-05T09:15:09.443

Modified: 2025-03-27T21:37:24.097

Link: CVE-2024-27437

cve-icon Redhat

Severity : Low

Publid Date: 2024-04-05T00:00:00Z

Links: CVE-2024-27437 - Bugzilla

cve-icon OpenCVE Enrichment

No data.