{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-42090", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-07-29T15:50:41.172Z", "datePublished": "2024-07-29T16:26:30.139Z", "dateUpdated": "2024-11-05T09:37:12.573Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-05T09:37:12.573Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER\n\nIn create_pinctrl(), pinctrl_maps_mutex is acquired before calling\nadd_setting(). If add_setting() returns -EPROBE_DEFER, create_pinctrl()\ncalls pinctrl_free(). However, pinctrl_free() attempts to acquire\npinctrl_maps_mutex, which is already held by create_pinctrl(), leading to\na potential deadlock.\n\nThis patch resolves the issue by releasing pinctrl_maps_mutex before\ncalling pinctrl_free(), preventing the deadlock.\n\nThis bug was discovered and resolved using Coverity Static Analysis\nSecurity Testing (SAST) by Synopsys, Inc."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/pinctrl/core.c"], "versions": [{"version": "42fed7ba44e4", "lessThan": "e65a0dc2e85e", "status": "affected", "versionType": "git"}, {"version": "42fed7ba44e4", "lessThan": "420ce1261907", "status": "affected", "versionType": "git"}, {"version": "42fed7ba44e4", "lessThan": "b813e3fd102a", "status": "affected", "versionType": "git"}, {"version": "42fed7ba44e4", "lessThan": "01fe2f885f78", "status": "affected", "versionType": "git"}, {"version": "42fed7ba44e4", "lessThan": "b36efd2e3e22", "status": "affected", "versionType": "git"}, {"version": "42fed7ba44e4", "lessThan": "4038c57bf616", "status": "affected", "versionType": "git"}, {"version": "42fed7ba44e4", "lessThan": "48a7a7c9571c", "status": "affected", "versionType": "git"}, {"version": "42fed7ba44e4", "lessThan": "adec57ff8e66", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/pinctrl/core.c"], "versions": [{"version": "3.10", "status": "affected"}, {"version": "0", "lessThan": "3.10", "status": "unaffected", "versionType": "semver"}, {"version": "4.19.317", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.279", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.221", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.162", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.97", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.37", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.9.8", "lessThanOrEqual": "6.9.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.10", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/e65a0dc2e85efb28e182aca50218e8a056d0ce04"}, {"url": "https://git.kernel.org/stable/c/420ce1261907e5dbeda1e4daffd5b6c76f8188c0"}, {"url": "https://git.kernel.org/stable/c/b813e3fd102a959c5b208ed68afe27e0137a561b"}, {"url": "https://git.kernel.org/stable/c/01fe2f885f7813f8aed5d3704b384a97b1116a9e"}, {"url": "https://git.kernel.org/stable/c/b36efd2e3e22a329444b6b24fa48df6d20ae66e6"}, {"url": "https://git.kernel.org/stable/c/4038c57bf61631219b31f1bd6e92106ec7f084dc"}, {"url": "https://git.kernel.org/stable/c/48a7a7c9571c3e62f17012dd7f2063e926179ddd"}, {"url": "https://git.kernel.org/stable/c/adec57ff8e66aee632f3dd1f93787c13d112b7a1"}], "title": "pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER", "x_generator": {"engine": "bippy-9e1c9544281a"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:54:32.186Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/e65a0dc2e85efb28e182aca50218e8a056d0ce04", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/420ce1261907e5dbeda1e4daffd5b6c76f8188c0", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b813e3fd102a959c5b208ed68afe27e0137a561b", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/01fe2f885f7813f8aed5d3704b384a97b1116a9e", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b36efd2e3e22a329444b6b24fa48df6d20ae66e6", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/4038c57bf61631219b31f1bd6e92106ec7f084dc", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/48a7a7c9571c3e62f17012dd7f2063e926179ddd", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/adec57ff8e66aee632f3dd1f93787c13d112b7a1", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-42090", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T16:18:41.131591Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:33:01.081Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-42090", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-07-29T15:50:41.172Z", "datePublished": "2024-07-29T16:26:30.139Z", "dateUpdated": "2024-08-02T04:54:32.186Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-07-29T16:26:30.139Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER\n\nIn create_pinctrl(), pinctrl_maps_mutex is acquired before calling\nadd_setting(). If add_setting() returns -EPROBE_DEFER, create_pinctrl()\ncalls pinctrl_free(). However, pinctrl_free() attempts to acquire\npinctrl_maps_mutex, which is already held by create_pinctrl(), leading to\na potential deadlock.\n\nThis patch resolves the issue by releasing pinctrl_maps_mutex before\ncalling pinctrl_free(), preventing the deadlock.\n\nThis bug was discovered and resolved using Coverity Static Analysis\nSecurity Testing (SAST) by Synopsys, Inc."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/pinctrl/core.c"], "versions": [{"version": "42fed7ba44e4", "lessThan": "e65a0dc2e85e", "status": "affected", "versionType": "git"}, {"version": "42fed7ba44e4", "lessThan": "420ce1261907", "status": "affected", "versionType": "git"}, {"version": "42fed7ba44e4", "lessThan": "b813e3fd102a", "status": "affected", "versionType": "git"}, {"version": "42fed7ba44e4", "lessThan": "01fe2f885f78", "status": "affected", "versionType": "git"}, {"version": "42fed7ba44e4", "lessThan": "b36efd2e3e22", "status": "affected", "versionType": "git"}, {"version": "42fed7ba44e4", "lessThan": "4038c57bf616", "status": "affected", "versionType": "git"}, {"version": "42fed7ba44e4", "lessThan": "48a7a7c9571c", "status": "affected", "versionType": "git"}, {"version": "42fed7ba44e4", "lessThan": "adec57ff8e66", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/pinctrl/core.c"], "versions": [{"version": "3.10", "status": "affected"}, {"version": "0", "lessThan": "3.10", "status": "unaffected", "versionType": "custom"}, {"version": "4.19.317", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.4.279", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.10.221", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.15.162", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.1.97", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.6.37", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.9.8", "lessThanOrEqual": "6.9.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.10", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/e65a0dc2e85efb28e182aca50218e8a056d0ce04"}, {"url": "https://git.kernel.org/stable/c/420ce1261907e5dbeda1e4daffd5b6c76f8188c0"}, {"url": "https://git.kernel.org/stable/c/b813e3fd102a959c5b208ed68afe27e0137a561b"}, {"url": "https://git.kernel.org/stable/c/01fe2f885f7813f8aed5d3704b384a97b1116a9e"}, {"url": "https://git.kernel.org/stable/c/b36efd2e3e22a329444b6b24fa48df6d20ae66e6"}, {"url": "https://git.kernel.org/stable/c/4038c57bf61631219b31f1bd6e92106ec7f084dc"}, {"url": "https://git.kernel.org/stable/c/48a7a7c9571c3e62f17012dd7f2063e926179ddd"}, {"url": "https://git.kernel.org/stable/c/adec57ff8e66aee632f3dd1f93787c13d112b7a1"}], "title": "pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER", "x_generator": {"engine": "bippy-c9c4e1df01b2"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-42090", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T16:18:41.131591Z"}}}], "providerMetadata": {"shortName": "CISA-ADP", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "dateUpdated": "2024-09-11T12:42:14.076Z"}, "title": "CISA ADP Vulnrichment"}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "329AE6C4-35E9-4E17-A359-0FB8F558F8FA", "versionEndExcluding": "4.19.317", "versionStartIncluding": "3.10", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "F4E38E58-1B9F-4DF2-AD3D-A8BEAA2959D8", "versionEndExcluding": "5.4.279", "versionStartIncluding": "4.20", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "659E1520-6345-41AF-B893-A7C0647585A0", "versionEndExcluding": "5.10.221", "versionStartIncluding": "5.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "10A39ACC-3005-40E8-875C-98A372D1FFD5", "versionEndExcluding": "5.15.162", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "748B6C4B-1F61-47F9-96CC-8899B8412D84", "versionEndExcluding": "6.1.97", "versionStartIncluding": "5.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "D72E033B-5323-4C4D-8818-36E1EBC3535F", "versionEndExcluding": "6.6.37", "versionStartIncluding": "6.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "E95105F2-32E3-4C5F-9D18-7AEFD0E6275C", "versionEndExcluding": "6.9.8", "versionStartIncluding": "6.7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER\n\nIn create_pinctrl(), pinctrl_maps_mutex is acquired before calling\nadd_setting(). If add_setting() returns -EPROBE_DEFER, create_pinctrl()\ncalls pinctrl_free(). However, pinctrl_free() attempts to acquire\npinctrl_maps_mutex, which is already held by create_pinctrl(), leading to\na potential deadlock.\n\nThis patch resolves the issue by releasing pinctrl_maps_mutex before\ncalling pinctrl_free(), preventing the deadlock.\n\nThis bug was discovered and resolved using Coverity Static Analysis\nSecurity Testing (SAST) by Synopsys, Inc."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: pinctrl: soluciona el punto muerto en create_pinctrl() al manejar -EPROBE_DEFER En create_pinctrl(), pinctrl_maps_mutex se adquiere antes de llamar a add_setting(). Si add_setting() devuelve -EPROBE_DEFER, create_pinctrl() llama a pinctrl_free(). Sin embargo, pinctrl_free() intenta adquirir pinctrl_maps_mutex, que ya est\u00e1 en manos de create_pinctrl(), lo que lleva a un posible punto muerto. Este parche resuelve el problema liberando pinctrl_maps_mutex antes de llamar a pinctrl_free(), evitando el punto muerto. Este error fue descubierto y resuelto utilizando Coverity Static Analysis Security Testing (SAST) por Synopsys, Inc."}], "id": "CVE-2024-42090", "lastModified": "2024-11-21T09:33:34.603", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-07-29T17:15:11.603", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/01fe2f885f7813f8aed5d3704b384a97b1116a9e"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/4038c57bf61631219b31f1bd6e92106ec7f084dc"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/420ce1261907e5dbeda1e4daffd5b6c76f8188c0"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/48a7a7c9571c3e62f17012dd7f2063e926179ddd"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/adec57ff8e66aee632f3dd1f93787c13d112b7a1"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/b36efd2e3e22a329444b6b24fa48df6d20ae66e6"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/b813e3fd102a959c5b208ed68afe27e0137a561b"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e65a0dc2e85efb28e182aca50218e8a056d0ce04"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/01fe2f885f7813f8aed5d3704b384a97b1116a9e"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/4038c57bf61631219b31f1bd6e92106ec7f084dc"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/420ce1261907e5dbeda1e4daffd5b6c76f8188c0"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/48a7a7c9571c3e62f17012dd7f2063e926179ddd"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/adec57ff8e66aee632f3dd1f93787c13d112b7a1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/b36efd2e3e22a329444b6b24fa48df6d20ae66e6"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/b813e3fd102a959c5b208ed68afe27e0137a561b"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e65a0dc2e85efb28e182aca50218e8a056d0ce04"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-667"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2024:7001", "cpe": "cpe:/a:redhat:enterprise_linux:8::nfv", "package": "kernel-rt-0:4.18.0-553.22.1.rt7.363.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-09-24T00:00:00Z"}, {"advisory": "RHSA-2024:7000", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "kernel-0:4.18.0-553.22.1.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-09-24T00:00:00Z"}, {"advisory": "RHSA-2024:9315", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-503.11.1.el9_5", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-11-12T00:00:00Z"}, {"advisory": "RHSA-2024:9315", "cpe": "cpe:/o:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-503.11.1.el9_5", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-11-12T00:00:00Z"}, {"advisory": "RHSA-2024:8157", "cpe": "cpe:/a:redhat:rhel_eus:9.2", "package": "kernel-0:5.14.0-284.88.1.el9_2", "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date": "2024-10-16T00:00:00Z"}, {"advisory": "RHSA-2024:8158", "cpe": "cpe:/a:redhat:rhel_eus:9.2::nfv", "package": "kernel-rt-0:5.14.0-284.88.1.rt14.373.el9_2", "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date": "2024-10-16T00:00:00Z"}], "bugzilla": {"description": "kernel: pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER", "id": "2300552", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300552"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.7", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-833", "details": ["In the Linux kernel, the following vulnerability has been resolved:\npinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER\nIn create_pinctrl(), pinctrl_maps_mutex is acquired before calling\nadd_setting(). If add_setting() returns -EPROBE_DEFER, create_pinctrl()\ncalls pinctrl_free(). However, pinctrl_free() attempts to acquire\npinctrl_maps_mutex, which is already held by create_pinctrl(), leading to\na potential deadlock.\nThis patch resolves the issue by releasing pinctrl_maps_mutex before\ncalling pinctrl_free(), preventing the deadlock.\nThis bug was discovered and resolved using Coverity Static Analysis\nSecurity Testing (SAST) by Synopsys, Inc.", "A deadlock flaw was found in the Linux kernel\u2019s pinctrl subsystem. This flaw allows a local user to crash the system."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-42090", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-07-29T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-42090\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-42090\nhttps://lore.kernel.org/linux-cve-announce/2024072946-CVE-2024-42090-5687@gregkh/T"], "statement": "No known reproducer for this issue. It can happen due to some complex preconditions and in-error path handling.", "threat_severity": "Moderate", "upstream_fix": "kernel 4.19.317, kernel 5.4.279, kernel 5.10.221, kernel 5.15.162, kernel 6.1.97, kernel 6.6.37, kernel 6.9.8, kernel 6.10"}