{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-35953", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-05-17T13:50:33.135Z", "datePublished": "2024-05-20T09:41:47.290Z", "dateUpdated": "2024-12-19T08:58:58.919Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-12-19T08:58:58.919Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\naccel/ivpu: Fix deadlock in context_xa\n\nivpu_device->context_xa is locked both in kernel thread and IRQ context.\nIt requires XA_FLAGS_LOCK_IRQ flag to be passed during initialization\notherwise the lock could be acquired from a thread and interrupted by\nan IRQ that locks it for the second time causing the deadlock.\n\nThis deadlock was reported by lockdep and observed in internal tests."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/accel/ivpu/ivpu_drv.c"], "versions": [{"version": "35b137630f08d913fc2e33df33ccc2570dff3f7d", "lessThan": "d43e11d9c7fcb16f18bd46ab2556c2772ffc5775", "status": "affected", "versionType": "git"}, {"version": "35b137630f08d913fc2e33df33ccc2570dff3f7d", "lessThan": "e6011411147209bc0cc14628cbc155356837e52a", "status": "affected", "versionType": "git"}, {"version": "35b137630f08d913fc2e33df33ccc2570dff3f7d", "lessThan": "fd7726e75968b27fe98534ccbf47ccd6fef686f3", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/accel/ivpu/ivpu_drv.c"], "versions": [{"version": "6.3", "status": "affected"}, {"version": "0", "lessThan": "6.3", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.28", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.8.7", "lessThanOrEqual": "6.8.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.9", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/d43e11d9c7fcb16f18bd46ab2556c2772ffc5775"}, {"url": "https://git.kernel.org/stable/c/e6011411147209bc0cc14628cbc155356837e52a"}, {"url": "https://git.kernel.org/stable/c/fd7726e75968b27fe98534ccbf47ccd6fef686f3"}], "title": "accel/ivpu: Fix deadlock in context_xa", "x_generator": {"engine": "bippy-5f407fcff5a0"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:21:49.194Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/d43e11d9c7fcb16f18bd46ab2556c2772ffc5775", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e6011411147209bc0cc14628cbc155356837e52a", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/fd7726e75968b27fe98534ccbf47ccd6fef686f3", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-35953", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:40:42.693446Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:33:14.479Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/d43e11d9c7fcb16f18bd46ab2556c2772ffc5775", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e6011411147209bc0cc14628cbc155356837e52a", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/fd7726e75968b27fe98534ccbf47ccd6fef686f3", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:21:49.194Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-35953", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:40:42.693446Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:15.647Z"}}], "cna": {"title": "accel/ivpu: Fix deadlock in context_xa", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "35b137630f08d913fc2e33df33ccc2570dff3f7d", "lessThan": "d43e11d9c7fcb16f18bd46ab2556c2772ffc5775", "versionType": "git"}, {"status": "affected", "version": "35b137630f08d913fc2e33df33ccc2570dff3f7d", "lessThan": "e6011411147209bc0cc14628cbc155356837e52a", "versionType": "git"}, {"status": "affected", "version": "35b137630f08d913fc2e33df33ccc2570dff3f7d", "lessThan": "fd7726e75968b27fe98534ccbf47ccd6fef686f3", "versionType": "git"}], "programFiles": ["drivers/accel/ivpu/ivpu_drv.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "6.3"}, {"status": "unaffected", "version": "0", "lessThan": "6.3", "versionType": "semver"}, {"status": "unaffected", "version": "6.6.28", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.8.7", "versionType": "semver", "lessThanOrEqual": "6.8.*"}, {"status": "unaffected", "version": "6.9", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/accel/ivpu/ivpu_drv.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/d43e11d9c7fcb16f18bd46ab2556c2772ffc5775"}, {"url": "https://git.kernel.org/stable/c/e6011411147209bc0cc14628cbc155356837e52a"}, {"url": "https://git.kernel.org/stable/c/fd7726e75968b27fe98534ccbf47ccd6fef686f3"}], "x_generator": {"engine": "bippy-5f407fcff5a0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\naccel/ivpu: Fix deadlock in context_xa\n\nivpu_device->context_xa is locked both in kernel thread and IRQ context.\nIt requires XA_FLAGS_LOCK_IRQ flag to be passed during initialization\notherwise the lock could be acquired from a thread and interrupted by\nan IRQ that locks it for the second time causing the deadlock.\n\nThis deadlock was reported by lockdep and observed in internal tests."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-12-19T08:58:58.919Z"}}}, "cveMetadata": {"cveId": "CVE-2024-35953", "state": "PUBLISHED", "dateUpdated": "2024-12-19T08:58:58.919Z", "dateReserved": "2024-05-17T13:50:33.135Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-05-20T09:41:47.290Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "94DB2B14-8FDF-4353-8D82-F8A6EF128AB4", "versionEndExcluding": "6.6.28", "versionStartIncluding": "6.3", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "531BDFB5-EF6A-4707-902E-146368303499", "versionEndExcluding": "6.8.7", "versionStartIncluding": "6.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*", "matchCriteriaId": "22BEDD49-2C6D-402D-9DBF-6646F6ECD10B", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*", "matchCriteriaId": "DF73CB2A-DFFD-46FB-9BFE-AA394F27EA37", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc3:*:*:*:*:*:*", "matchCriteriaId": "52048DDA-FC5A-4363-95A0-A6357B4D7F8C", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\naccel/ivpu: Fix deadlock in context_xa\n\nivpu_device->context_xa is locked both in kernel thread and IRQ context.\nIt requires XA_FLAGS_LOCK_IRQ flag to be passed during initialization\notherwise the lock could be acquired from a thread and interrupted by\nan IRQ that locks it for the second time causing the deadlock.\n\nThis deadlock was reported by lockdep and observed in internal tests."}, {"lang": "es", "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: accel/ivpu: corrige el punto muerto en context_xa ivpu_device->context_xa est\u00e1 bloqueado tanto en el subproceso del kernel como en el contexto IRQ. Requiere que se pase el indicador XA_FLAGS_LOCK_IRQ durante la inicializaci\u00f3n; de lo contrario, el bloqueo podr\u00eda adquirirse de un subproceso e interrumpirse mediante una IRQ que lo bloquee por segunda vez, provocando el punto muerto. Este punto muerto fue informado por lockdep y observado en pruebas internas."}], "id": "CVE-2024-35953", "lastModified": "2025-01-10T18:11:53.623", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-05-20T10:15:10.717", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/d43e11d9c7fcb16f18bd46ab2556c2772ffc5775"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e6011411147209bc0cc14628cbc155356837e52a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/fd7726e75968b27fe98534ccbf47ccd6fef686f3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/d43e11d9c7fcb16f18bd46ab2556c2772ffc5775"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e6011411147209bc0cc14628cbc155356837e52a"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/fd7726e75968b27fe98534ccbf47ccd6fef686f3"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-667"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: accel/ivpu: Fix deadlock in context_xa", "id": "2281935", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281935"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\naccel/ivpu: Fix deadlock in context_xa\nivpu_device->context_xa is locked both in kernel thread and IRQ context.\nIt requires XA_FLAGS_LOCK_IRQ flag to be passed during initialization\notherwise the lock could be acquired from a thread and interrupted by\nan IRQ that locks it for the second time causing the deadlock.\nThis deadlock was reported by lockdep and observed in internal tests.", "A vulnerability was found in the Linux kernel's accel ivpu_drv.c driver, where a deadlock scenario can occur in the ivpu_dev_init() function. This is caused when ivpu_device->context_xa is locked both in the kernel thread and IRQ context, and without the presence of the XA_FLAGS_LOCK_IRQ flag (passed during initialization), a deadlock can result from the lock being acquired from a thread and interrupted by an IRQ that locks it for a second time. This issue could lead to system instability."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-35953", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-20T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-35953\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-35953\nhttps://lore.kernel.org/linux-cve-announce/2024052018-CVE-2024-35953-a809@gregkh/T"], "statement": "Red Hat Enterprise Linux is not impacted by this CVE, as this vulnerability does not affect the specific versions or configurations of the Linux kernel used in its distributions. This ensures that users of Red Hat Enterprise Linux are not exposed to the potential risks associated with this issue, and no further action or mitigation is necessary for systems running this operating system.", "threat_severity": "Moderate", "upstream_fix": "kernel 6.6.28, kernel 6.8.7, kernel 6.9"}