{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2024-35806", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-05-17T12:19:12.342Z", "datePublished": "2024-05-17T13:23:14.214Z", "dateUpdated": "2024-12-19T08:55:31.372Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-12-19T08:55:31.372Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: fsl: qbman: Always disable interrupts when taking cgr_lock\n\nsmp_call_function_single disables IRQs when executing the callback. To\nprevent deadlocks, we must disable IRQs when taking cgr_lock elsewhere.\nThis is already done by qman_update_cgr and qman_delete_cgr; fix the\nother lockers."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/soc/fsl/qbman/qman.c"], "versions": [{"version": "96f413f47677366e0ae03797409bfcc4151dbf9e", "lessThan": "b56a793f267679945d1fdb9a280013bd2d0ed7f9", "status": "affected", "versionType": "git"}, {"version": "96f413f47677366e0ae03797409bfcc4151dbf9e", "lessThan": "62c3ecd2833cff0eff4a82af4082c44ca8d2518a", "status": "affected", "versionType": "git"}, {"version": "96f413f47677366e0ae03797409bfcc4151dbf9e", "lessThan": "dd199e5b759ffe349622a4b8fbcafc51fc51b1ec", "status": "affected", "versionType": "git"}, {"version": "96f413f47677366e0ae03797409bfcc4151dbf9e", "lessThan": "e6378314bb920acb39013051fa65d8f9f8030430", "status": "affected", "versionType": "git"}, {"version": "96f413f47677366e0ae03797409bfcc4151dbf9e", "lessThan": "a62168653774c36398d65846a98034436ee66d03", "status": "affected", "versionType": "git"}, {"version": "96f413f47677366e0ae03797409bfcc4151dbf9e", "lessThan": "0e6521b0f93ff350434ed4ae61a250907e65d397", "status": "affected", "versionType": "git"}, {"version": "96f413f47677366e0ae03797409bfcc4151dbf9e", "lessThan": "276af8efb05c8e47acf2738a5609dd72acfc703f", "status": "affected", "versionType": "git"}, {"version": "96f413f47677366e0ae03797409bfcc4151dbf9e", "lessThan": "af25c5180b2b1796342798f6c56fcfd12f5035bd", "status": "affected", "versionType": "git"}, {"version": "96f413f47677366e0ae03797409bfcc4151dbf9e", "lessThan": "584c2a9184a33a40fceee838f856de3cffa19be3", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/soc/fsl/qbman/qman.c"], "versions": [{"version": "4.16", "status": "affected"}, {"version": "0", "lessThan": "4.16", "status": "unaffected", "versionType": "semver"}, {"version": "4.19.312", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.274", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.215", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.154", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.84", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.24", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.7.12", "lessThanOrEqual": "6.7.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.8.3", "lessThanOrEqual": "6.8.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.9", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/b56a793f267679945d1fdb9a280013bd2d0ed7f9"}, {"url": "https://git.kernel.org/stable/c/62c3ecd2833cff0eff4a82af4082c44ca8d2518a"}, {"url": "https://git.kernel.org/stable/c/dd199e5b759ffe349622a4b8fbcafc51fc51b1ec"}, {"url": "https://git.kernel.org/stable/c/e6378314bb920acb39013051fa65d8f9f8030430"}, {"url": "https://git.kernel.org/stable/c/a62168653774c36398d65846a98034436ee66d03"}, {"url": "https://git.kernel.org/stable/c/0e6521b0f93ff350434ed4ae61a250907e65d397"}, {"url": "https://git.kernel.org/stable/c/276af8efb05c8e47acf2738a5609dd72acfc703f"}, {"url": "https://git.kernel.org/stable/c/af25c5180b2b1796342798f6c56fcfd12f5035bd"}, {"url": "https://git.kernel.org/stable/c/584c2a9184a33a40fceee838f856de3cffa19be3"}], "title": "soc: fsl: qbman: Always disable interrupts when taking cgr_lock", "x_generator": {"engine": "bippy-5f407fcff5a0"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-35806", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-28T15:22:25.715818Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:34:17.311Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:21:47.542Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/b56a793f267679945d1fdb9a280013bd2d0ed7f9", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/62c3ecd2833cff0eff4a82af4082c44ca8d2518a", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/dd199e5b759ffe349622a4b8fbcafc51fc51b1ec", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e6378314bb920acb39013051fa65d8f9f8030430", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a62168653774c36398d65846a98034436ee66d03", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/0e6521b0f93ff350434ed4ae61a250907e65d397", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/276af8efb05c8e47acf2738a5609dd72acfc703f", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/af25c5180b2b1796342798f6c56fcfd12f5035bd", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/584c2a9184a33a40fceee838f856de3cffa19be3", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", "tags": ["x_transferred"]}]}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/b56a793f267679945d1fdb9a280013bd2d0ed7f9", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/62c3ecd2833cff0eff4a82af4082c44ca8d2518a", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/dd199e5b759ffe349622a4b8fbcafc51fc51b1ec", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e6378314bb920acb39013051fa65d8f9f8030430", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a62168653774c36398d65846a98034436ee66d03", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/0e6521b0f93ff350434ed4ae61a250907e65d397", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/276af8efb05c8e47acf2738a5609dd72acfc703f", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/af25c5180b2b1796342798f6c56fcfd12f5035bd", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/584c2a9184a33a40fceee838f856de3cffa19be3", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:21:47.542Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-35806", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-28T15:22:25.715818Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-28T15:22:30.740Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"title": "soc: fsl: qbman: Always disable interrupts when taking cgr_lock", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "96f413f47677", "lessThan": "b56a793f2676", "versionType": "git"}, {"status": "affected", "version": "96f413f47677", "lessThan": "62c3ecd2833c", "versionType": "git"}, {"status": "affected", "version": "96f413f47677", "lessThan": "dd199e5b759f", "versionType": "git"}, {"status": "affected", "version": "96f413f47677", "lessThan": "e6378314bb92", "versionType": "git"}, {"status": "affected", "version": "96f413f47677", "lessThan": "a62168653774", "versionType": "git"}, {"status": "affected", "version": "96f413f47677", "lessThan": "0e6521b0f93f", "versionType": "git"}, {"status": "affected", "version": "96f413f47677", "lessThan": "276af8efb05c", "versionType": "git"}, {"status": "affected", "version": "96f413f47677", "lessThan": "af25c5180b2b", "versionType": "git"}, {"status": "affected", "version": "96f413f47677", "lessThan": "584c2a9184a3", "versionType": "git"}], "programFiles": ["drivers/soc/fsl/qbman/qman.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "4.16"}, {"status": "unaffected", "version": "0", "lessThan": "4.16", "versionType": "semver"}, {"status": "unaffected", "version": "4.19.312", "versionType": "semver", "lessThanOrEqual": "4.19.*"}, {"status": "unaffected", "version": "5.4.274", "versionType": "semver", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.215", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.154", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.84", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.24", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.7.12", "versionType": "semver", "lessThanOrEqual": "6.7.*"}, {"status": "unaffected", "version": "6.8.3", "versionType": "semver", "lessThanOrEqual": "6.8.*"}, {"status": "unaffected", "version": "6.9", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/soc/fsl/qbman/qman.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/b56a793f267679945d1fdb9a280013bd2d0ed7f9"}, {"url": "https://git.kernel.org/stable/c/62c3ecd2833cff0eff4a82af4082c44ca8d2518a"}, {"url": "https://git.kernel.org/stable/c/dd199e5b759ffe349622a4b8fbcafc51fc51b1ec"}, {"url": "https://git.kernel.org/stable/c/e6378314bb920acb39013051fa65d8f9f8030430"}, {"url": "https://git.kernel.org/stable/c/a62168653774c36398d65846a98034436ee66d03"}, {"url": "https://git.kernel.org/stable/c/0e6521b0f93ff350434ed4ae61a250907e65d397"}, {"url": "https://git.kernel.org/stable/c/276af8efb05c8e47acf2738a5609dd72acfc703f"}, {"url": "https://git.kernel.org/stable/c/af25c5180b2b1796342798f6c56fcfd12f5035bd"}, {"url": "https://git.kernel.org/stable/c/584c2a9184a33a40fceee838f856de3cffa19be3"}], "x_generator": {"engine": "bippy-9e1c9544281a"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: fsl: qbman: Always disable interrupts when taking cgr_lock\n\nsmp_call_function_single disables IRQs when executing the callback. To\nprevent deadlocks, we must disable IRQs when taking cgr_lock elsewhere.\nThis is already done by qman_update_cgr and qman_delete_cgr; fix the\nother lockers."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-05T09:22:41.536Z"}}}, "cveMetadata": {"cveId": "CVE-2024-35806", "state": "PUBLISHED", "dateUpdated": "2024-11-05T09:22:41.536Z", "dateReserved": "2024-05-17T12:19:12.342Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-05-17T13:23:14.214Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "525BF19D-8639-4B6B-AA94-CFB64E14FB11", "versionEndExcluding": "4.10", "versionStartIncluding": "4.9.92", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "B7F25E86-F843-4984-8922-BA18D7CA6888", "versionEndExcluding": "4.15", "versionStartIncluding": "4.14.32", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "D0C7A9D0-437A-44BC-BB04-9D3BDFD3FA72", "versionEndExcluding": "4.19.312", "versionStartIncluding": "4.15.15", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "F45A0F3C-C16D-49C4-86D6-D021C3D4B834", "versionEndExcluding": "5.4.274", "versionStartIncluding": "4.20", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "9CD5894E-58E9-4B4A-B0F4-3E6BC134B8F5", "versionEndExcluding": "5.10.215", "versionStartIncluding": "5.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "577E212E-7E95-4A71-9B5C-F1D1A3AFFF46", "versionEndExcluding": "5.15.154", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "834D9BD5-42A6-4D74-979E-4D6D93F630FD", "versionEndExcluding": "6.1.84", "versionStartIncluding": "5.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "8018C1D0-0A5F-48D0-BC72-A2B33FDDA693", "versionEndExcluding": "6.6.24", "versionStartIncluding": "6.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "6BE9771A-BAFD-4624-95F9-58D536540C53", "versionEndExcluding": "6.7.12", "versionStartIncluding": "6.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "4C59BBC3-6495-4A77-9C82-55EC7CDF5E02", "versionEndExcluding": "6.8.3", "versionStartIncluding": "6.8", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: fsl: qbman: Always disable interrupts when taking cgr_lock\n\nsmp_call_function_single disables IRQs when executing the callback. To\nprevent deadlocks, we must disable IRQs when taking cgr_lock elsewhere.\nThis is already done by qman_update_cgr and qman_delete_cgr; fix the\nother lockers."}, {"lang": "es", "value": " En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: soc:fsl:qbman: Desactiva siempre las interrupciones al tomar cgr_lock smp_call_function_single desactiva las IRQ al ejecutar la devoluci\u00f3n de llamada. Para evitar interbloqueos, debemos desactivar las IRQ cuando llevemos cgr_lock a otro lugar. Esto ya lo hacen qman_update_cgr y qman_delete_cgr; arreglar los otros casilleros."}], "id": "CVE-2024-35806", "lastModified": "2025-01-10T18:11:39.647", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-05-17T14:15:14.003", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/0e6521b0f93ff350434ed4ae61a250907e65d397"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/276af8efb05c8e47acf2738a5609dd72acfc703f"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/584c2a9184a33a40fceee838f856de3cffa19be3"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/62c3ecd2833cff0eff4a82af4082c44ca8d2518a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/a62168653774c36398d65846a98034436ee66d03"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/af25c5180b2b1796342798f6c56fcfd12f5035bd"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/b56a793f267679945d1fdb9a280013bd2d0ed7f9"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/dd199e5b759ffe349622a4b8fbcafc51fc51b1ec"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e6378314bb920acb39013051fa65d8f9f8030430"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/0e6521b0f93ff350434ed4ae61a250907e65d397"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/276af8efb05c8e47acf2738a5609dd72acfc703f"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/584c2a9184a33a40fceee838f856de3cffa19be3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/62c3ecd2833cff0eff4a82af4082c44ca8d2518a"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/a62168653774c36398d65846a98034436ee66d03"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/af25c5180b2b1796342798f6c56fcfd12f5035bd"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/b56a793f267679945d1fdb9a280013bd2d0ed7f9"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/dd199e5b759ffe349622a4b8fbcafc51fc51b1ec"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e6378314bb920acb39013051fa65d8f9f8030430"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-667"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: soc: fsl: qbman: Always disable interrupts when taking cgr_lock", "id": "2281223", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281223"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\nsoc: fsl: qbman: Always disable interrupts when taking cgr_lock\nsmp_call_function_single disables IRQs when executing the callback. To\nprevent deadlocks, we must disable IRQs when taking cgr_lock elsewhere.\nThis is already done by qman_update_cgr and qman_delete_cgr; fix the\nother lockers.", "A vulnerability was found in the Freescale QBMan driver in the Linux kernel. This issue stems from interrupts not being disabled when taking the cgr_lock, potentially causing race conditions or improper interrupt handling."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-35806", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-17T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-35806\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-35806\nhttps://lore.kernel.org/linux-cve-announce/2024051739-CVE-2024-35806-38c3@gregkh/T"], "statement": "Red Hat Enterprise Linux is not vulnerable to this CVE, as it does not affect the versions or configurations of the Linux kernel used in its distributions.", "threat_severity": "Moderate", "upstream_fix": "kernel 4.19.312, kernel 5.4.274, kernel 5.10.215, kernel 5.15.154, kernel 6.1.84, kernel 6.6.24, kernel 6.7.12, kernel 6.8.3, kernel 6.9"}