This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

No data.

Package CPE Advisory Released Date
Red Hat Enterprise Linux 9
kernel-0:5.14.0-427.31.1.el9_4 cpe:/a:redhat:enterprise_linux:9 RHSA-2024:5363 2024-08-15T00:00:00Z
kernel-0:5.14.0-427.31.1.el9_4 cpe:/o:redhat:enterprise_linux:9 RHSA-2024:5363 2024-08-15T00:00:00Z

No data.

Subscriptions

Vendors Products
Redhat Subscribe
Enterprise Linux Subscribe

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DLA Debian DLA DLA-3840-1 linux security update
Debian DSA Debian DSA DSA-5730-1 linux security update
Ubuntu USN Ubuntu USN USN-6951-1 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-6951-2 Linux kernel (Azure) vulnerabilities
Ubuntu USN Ubuntu USN USN-6951-3 Linux kernel (Azure) vulnerabilities
Ubuntu USN Ubuntu USN USN-6951-4 Linux kernel (BlueField) vulnerabilities
Ubuntu USN Ubuntu USN USN-6953-1 Linux kernel (Oracle) vulnerabilities
Ubuntu USN Ubuntu USN USN-6979-1 Linux kernel (Raspberry Pi) vulnerabilities
Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
https://lore.kernel.org/linux-cve-announce/2024062137-CVE-2024-37353-71d4@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-37353 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-37353 cve-icon
History

Thu, 22 Aug 2024 00:30:00 +0000

Type Values Removed Values Added
References

Thu, 22 Aug 2024 00:00:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: virtio: delete vq in vp_find_vqs_msix() when request_irq() fails When request_irq() fails, error path calls vp_del_vqs(). There, as vq is present in the list, free_irq() is called for the same vector. That causes following splat: [ 0.414355] Trying to free already-free IRQ 27 [ 0.414403] WARNING: CPU: 1 PID: 1 at kernel/irq/manage.c:1899 free_irq+0x1a1/0x2d0 [ 0.414510] Modules linked in: [ 0.414540] CPU: 1 PID: 1 Comm: swapper/0 Not tainted 6.9.0-rc4+ #27 [ 0.414540] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-1.fc39 04/01/2014 [ 0.414540] RIP: 0010:free_irq+0x1a1/0x2d0 [ 0.414540] Code: 1e 00 48 83 c4 08 48 89 e8 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc 90 8b 74 24 04 48 c7 c7 98 80 6c b1 e8 00 c9 f7 ff 90 <0f> 0b 90 90 48 89 ee 4c 89 ef e8 e0 20 b8 00 49 8b 47 40 48 8b 40 [ 0.414540] RSP: 0000:ffffb71480013ae0 EFLAGS: 00010086 [ 0.414540] RAX: 0000000000000000 RBX: ffffa099c2722000 RCX: 0000000000000000 [ 0.414540] RDX: 0000000000000000 RSI: ffffb71480013998 RDI: 0000000000000001 [ 0.414540] RBP: 0000000000000246 R08: 00000000ffffdfff R09: 0000000000000001 [ 0.414540] R10: 00000000ffffdfff R11: ffffffffb18729c0 R12: ffffa099c1c91760 [ 0.414540] R13: ffffa099c1c916a4 R14: ffffa099c1d2f200 R15: ffffa099c1c91600 [ 0.414540] FS: 0000000000000000(0000) GS:ffffa099fec40000(0000) knlGS:0000000000000000 [ 0.414540] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 0.414540] CR2: 0000000000000000 CR3: 0000000008e3e001 CR4: 0000000000370ef0 [ 0.414540] Call Trace: [ 0.414540] <TASK> [ 0.414540] ? __warn+0x80/0x120 [ 0.414540] ? free_irq+0x1a1/0x2d0 [ 0.414540] ? report_bug+0x164/0x190 [ 0.414540] ? handle_bug+0x3b/0x70 [ 0.414540] ? exc_invalid_op+0x17/0x70 [ 0.414540] ? asm_exc_invalid_op+0x1a/0x20 [ 0.414540] ? free_irq+0x1a1/0x2d0 [ 0.414540] vp_del_vqs+0xc1/0x220 [ 0.414540] vp_find_vqs_msix+0x305/0x470 [ 0.414540] vp_find_vqs+0x3e/0x1a0 [ 0.414540] vp_modern_find_vqs+0x1b/0x70 [ 0.414540] init_vqs+0x387/0x600 [ 0.414540] virtnet_probe+0x50a/0xc80 [ 0.414540] virtio_dev_probe+0x1e0/0x2b0 [ 0.414540] really_probe+0xc0/0x2c0 [ 0.414540] ? __pfx___driver_attach+0x10/0x10 [ 0.414540] __driver_probe_device+0x73/0x120 [ 0.414540] driver_probe_device+0x1f/0xe0 [ 0.414540] __driver_attach+0x88/0x180 [ 0.414540] bus_for_each_dev+0x85/0xd0 [ 0.414540] bus_add_driver+0xec/0x1f0 [ 0.414540] driver_register+0x59/0x100 [ 0.414540] ? __pfx_virtio_net_driver_init+0x10/0x10 [ 0.414540] virtio_net_driver_init+0x90/0xb0 [ 0.414540] do_one_initcall+0x58/0x230 [ 0.414540] kernel_init_freeable+0x1a3/0x2d0 [ 0.414540] ? __pfx_kernel_init+0x10/0x10 [ 0.414540] kernel_init+0x1a/0x1c0 [ 0.414540] ret_from_fork+0x31/0x50 [ 0.414540] ? __pfx_kernel_init+0x10/0x10 [ 0.414540] ret_from_fork_asm+0x1a/0x30 [ 0.414540] </TASK> Fix this by calling deleting the current vq when request_irq() fails. This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Title virtio: delete vq in vp_find_vqs_msix() when request_irq() fails kernel: virtio: delete vq in vp_find_vqs_msix() when request_irq() fails

Fri, 16 Aug 2024 18:45:00 +0000

Type Values Removed Values Added
First Time appeared Redhat
Redhat enterprise Linux
CPEs cpe:/a:redhat:enterprise_linux:9
cpe:/o:redhat:enterprise_linux:9
Vendors & Products Redhat
Redhat enterprise Linux
cve-icon MITRE

Status: REJECTED

Assigner: Linux

Published:

Updated: 2024-08-21T23:54:07.622Z

Reserved: 2024-06-21T10:13:16.289Z

Link: CVE-2024-37353

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Rejected

Published: 2024-06-21T11:15:10.590

Modified: 2024-08-22T00:15:05.760

Link: CVE-2024-37353

cve-icon Redhat

Severity : Low

Publid Date: 2024-06-21T00:00:00Z

Links: CVE-2024-37353 - Bugzilla

cve-icon OpenCVE Enrichment

No data.

Weaknesses