{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2024-39292", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-06-21T11:16:40.627Z", "datePublished": "2024-06-24T13:52:26.769Z", "dateUpdated": "2024-08-02T04:19:20.680Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-07-15T06:49:46.558Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\num: Add winch to winch_handlers before registering winch IRQ\n\nRegistering a winch IRQ is racy, an interrupt may occur before the winch is\nadded to the winch_handlers list.\n\nIf that happens, register_winch_irq() adds to that list a winch that is\nscheduled to be (or has already been) freed, causing a panic later in\nwinch_cleanup().\n\nAvoid the race by adding the winch to the winch_handlers list before\nregistering the IRQ, and rolling back if um_request_irq() fails."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["arch/um/drivers/line.c"], "versions": [{"version": "42a359e31a0e", "lessThan": "66ea9a7c6824", "status": "affected", "versionType": "git"}, {"version": "42a359e31a0e", "lessThan": "dc1ff95602ee", "status": "affected", "versionType": "git"}, {"version": "42a359e31a0e", "lessThan": "351d1a645449", "status": "affected", "versionType": "git"}, {"version": "42a359e31a0e", "lessThan": "31960d991e43", "status": "affected", "versionType": "git"}, {"version": "42a359e31a0e", "lessThan": "0c02d425a2fb", "status": "affected", "versionType": "git"}, {"version": "42a359e31a0e", "lessThan": "434a06c38ee1", "status": "affected", "versionType": "git"}, {"version": "42a359e31a0e", "lessThan": "73b8e21f76c7", "status": "affected", "versionType": "git"}, {"version": "42a359e31a0e", "lessThan": "a0fbbd36c156", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["arch/um/drivers/line.c"], "versions": [{"version": "2.6.23", "status": "affected"}, {"version": "0", "lessThan": "2.6.23", "status": "unaffected", "versionType": "custom"}, {"version": "4.19.316", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.4.278", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.10.219", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.15.161", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.1.93", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.6.33", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.9.4", "lessThanOrEqual": "6.9.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.10", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/66ea9a7c6824821476914bed21a476cd20094f33"}, {"url": "https://git.kernel.org/stable/c/dc1ff95602ee908fcd7d8acee7a0dadb61b1a0c0"}, {"url": "https://git.kernel.org/stable/c/351d1a64544944b44732f6a64ed65573b00b9e14"}, {"url": "https://git.kernel.org/stable/c/31960d991e43c8d6dc07245f19fc13398e90ead2"}, {"url": "https://git.kernel.org/stable/c/0c02d425a2fbe52643a5859a779db0329e7dddd4"}, {"url": "https://git.kernel.org/stable/c/434a06c38ee1217a8baa0dd7c37cc85d50138fb0"}, {"url": "https://git.kernel.org/stable/c/73b8e21f76c7dda4905655d2e2c17dc5a73b87f1"}, {"url": "https://git.kernel.org/stable/c/a0fbbd36c156b9f7b2276871d499c9943dfe5101"}], "title": "um: Add winch to winch_handlers before registering winch IRQ", "x_generator": {"engine": "bippy-c9c4e1df01b2"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-24T15:15:10.639136Z", "id": "CVE-2024-39292", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-24T15:15:20.044Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:19:20.680Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/66ea9a7c6824821476914bed21a476cd20094f33", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/dc1ff95602ee908fcd7d8acee7a0dadb61b1a0c0", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/351d1a64544944b44732f6a64ed65573b00b9e14", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/31960d991e43c8d6dc07245f19fc13398e90ead2", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/0c02d425a2fbe52643a5859a779db0329e7dddd4", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/434a06c38ee1217a8baa0dd7c37cc85d50138fb0", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/73b8e21f76c7dda4905655d2e2c17dc5a73b87f1", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a0fbbd36c156b9f7b2276871d499c9943dfe5101", "tags": ["x_transferred"]}]}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-39292", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-06-24T15:15:10.639136Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-24T15:15:17.130Z"}}], "cna": {"title": "um: Add winch to winch_handlers before registering winch IRQ", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "42a359e31a0e", "lessThan": "66ea9a7c6824", "versionType": "git"}, {"status": "affected", "version": "42a359e31a0e", "lessThan": "dc1ff95602ee", "versionType": "git"}, {"status": "affected", "version": "42a359e31a0e", "lessThan": "351d1a645449", "versionType": "git"}, {"status": "affected", "version": "42a359e31a0e", "lessThan": "31960d991e43", "versionType": "git"}, {"status": "affected", "version": "42a359e31a0e", "lessThan": "0c02d425a2fb", "versionType": "git"}, {"status": "affected", "version": "42a359e31a0e", "lessThan": "434a06c38ee1", "versionType": "git"}, {"status": "affected", "version": "42a359e31a0e", "lessThan": "73b8e21f76c7", "versionType": "git"}, {"status": "affected", "version": "42a359e31a0e", "lessThan": "a0fbbd36c156", "versionType": "git"}], "programFiles": ["arch/um/drivers/line.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "2.6.23"}, {"status": "unaffected", "version": "0", "lessThan": "2.6.23", "versionType": "custom"}, {"status": "unaffected", "version": "4.19.316", "versionType": "custom", "lessThanOrEqual": "4.19.*"}, {"status": "unaffected", "version": "5.4.278", "versionType": "custom", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.219", "versionType": "custom", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.161", "versionType": "custom", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.93", "versionType": "custom", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.33", "versionType": "custom", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.9.4", "versionType": "custom", "lessThanOrEqual": "6.9.*"}, {"status": "unaffected", "version": "6.10", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["arch/um/drivers/line.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/66ea9a7c6824821476914bed21a476cd20094f33"}, {"url": "https://git.kernel.org/stable/c/dc1ff95602ee908fcd7d8acee7a0dadb61b1a0c0"}, {"url": "https://git.kernel.org/stable/c/351d1a64544944b44732f6a64ed65573b00b9e14"}, {"url": "https://git.kernel.org/stable/c/31960d991e43c8d6dc07245f19fc13398e90ead2"}, {"url": "https://git.kernel.org/stable/c/0c02d425a2fbe52643a5859a779db0329e7dddd4"}, {"url": "https://git.kernel.org/stable/c/434a06c38ee1217a8baa0dd7c37cc85d50138fb0"}, {"url": "https://git.kernel.org/stable/c/73b8e21f76c7dda4905655d2e2c17dc5a73b87f1"}, {"url": "https://git.kernel.org/stable/c/a0fbbd36c156b9f7b2276871d499c9943dfe5101"}], "x_generator": {"engine": "bippy-c9c4e1df01b2"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\num: Add winch to winch_handlers before registering winch IRQ\n\nRegistering a winch IRQ is racy, an interrupt may occur before the winch is\nadded to the winch_handlers list.\n\nIf that happens, register_winch_irq() adds to that list a winch that is\nscheduled to be (or has already been) freed, causing a panic later in\nwinch_cleanup().\n\nAvoid the race by adding the winch to the winch_handlers list before\nregistering the IRQ, and rolling back if um_request_irq() fails."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-07-15T06:49:46.558Z"}}}, "cveMetadata": {"cveId": "CVE-2024-39292", "state": "PUBLISHED", "dateUpdated": "2024-07-15T06:49:46.558Z", "dateReserved": "2024-06-21T11:16:40.627Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-06-24T13:52:26.769Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "CE323F46-5BE8-40FC-B564-B21ADE5D4DC6", "versionEndExcluding": "2.6.23", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "34445C8D-D7E6-4796-B792-C9257E89257B", "versionEndExcluding": "4.19.316", "versionStartIncluding": "4.19", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "8E2371B0-4787-4038-B526-021D4CF93B31", "versionEndExcluding": "5.4.278", "versionStartIncluding": "5.4", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "5311C980-4CDF-4C10-8875-F04ED0F03398", "versionEndExcluding": "5.10.219", "versionStartIncluding": "5.10", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "E2AB5A01-EFFD-4A24-8CCB-4A016C8C4BB3", "versionEndExcluding": "5.15.161", "versionStartIncluding": "5.15", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "7446FC33-DC4F-4D31-94B5-FB577CFA66F4", "versionEndExcluding": "6.1.93", "versionStartIncluding": "6.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "53BC60D9-65A5-4D8F-96C8-149F09214DBD", "versionEndExcluding": "6.6.33", "versionStartIncluding": "6.6", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "A500F935-F0ED-4DC7-AD02-9D7C365D13AE", "versionEndExcluding": "6.9.4", "versionStartIncluding": "6.9", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.10.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "C40DD2D9-90E3-4E95-9F1A-E7C680F11F2A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\num: Add winch to winch_handlers before registering winch IRQ\n\nRegistering a winch IRQ is racy, an interrupt may occur before the winch is\nadded to the winch_handlers list.\n\nIf that happens, register_winch_irq() adds to that list a winch that is\nscheduled to be (or has already been) freed, causing a panic later in\nwinch_cleanup().\n\nAvoid the race by adding the winch to the winch_handlers list before\nregistering the IRQ, and rolling back if um_request_irq() fails."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: um: Agregar cabrestante a winch_handlers antes de registrar la IRQ del cabrestante Registrar una IRQ del cabrestante es picante, puede ocurrir una interrupci\u00f3n antes de que el cabrestante se agregue a la lista de winch_handlers. Si eso sucede, Register_winch_irq() agrega a esa lista un cabrestante que est\u00e1 programado para ser liberado (o que ya ha sido) liberado, causando p\u00e1nico m\u00e1s adelante en winch_cleanup(). Evite la ejecuci\u00f3n agregando el cabrestante a la lista winch_handlers antes de registrar la IRQ y retrocediendo si um_request_irq() falla."}], "id": "CVE-2024-39292", "lastModified": "2024-07-15T07:15:14.940", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-06-24T14:15:12.943", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/0c02d425a2fbe52643a5859a779db0329e7dddd4"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/31960d991e43c8d6dc07245f19fc13398e90ead2"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/351d1a64544944b44732f6a64ed65573b00b9e14"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/434a06c38ee1217a8baa0dd7c37cc85d50138fb0"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/66ea9a7c6824821476914bed21a476cd20094f33"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/73b8e21f76c7dda4905655d2e2c17dc5a73b87f1"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/a0fbbd36c156b9f7b2276871d499c9943dfe5101"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/dc1ff95602ee908fcd7d8acee7a0dadb61b1a0c0"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-415"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: um: Add winch to winch_handlers before registering winch IRQ", "id": "2294222", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294222"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-364", "details": ["In the Linux kernel, the following vulnerability has been resolved:\num: Add winch to winch_handlers before registering winch IRQ\nRegistering a winch IRQ is racy, an interrupt may occur before the winch is\nadded to the winch_handlers list.\nIf that happens, register_winch_irq() adds to that list a winch that is\nscheduled to be (or has already been) freed, causing a panic later in\nwinch_cleanup().\nAvoid the race by adding the winch to the winch_handlers list before\nregistering the IRQ, and rolling back if um_request_irq() fails.", "A vulnerability was found in the Linux kernel's handling of winch IRQs. This issue involves the registration of winch IRQs before adding winch handlers to the winch_handlers list. This oversight could potentially lead to improper IRQ handling and impact system stability or security. This issue has been resolved by ensuring that winch handlers are added to the list before the IRQs are registered."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-39292", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-06-24T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-39292\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-39292\nhttps://lore.kernel.org/linux-cve-announce/2024062432-CVE-2024-39292-e5c2@gregkh/T"], "statement": "Red Hat Enterprise Linux is not vulnerable to this CVE, as it does not affect the versions or configurations of the Linux kernel used in its distributions.", "threat_severity": "Moderate", "upstream_fix": "kernel 4.19.316, kernel 5.4.278, kernel 5.10.219, kernel 5.15.161, kernel 6.1.93, kernel 6.6.33, kernel 6.9.4, kernel 6.10-rc1"}