{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-42124", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-07-29T15:50:41.179Z", "datePublished": "2024-07-30T07:46:16.052Z", "dateUpdated": "2024-11-05T09:37:52.446Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-05T09:37:52.446Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qedf: Make qedf_execute_tmf() non-preemptible\n\nStop calling smp_processor_id() from preemptible code in\nqedf_execute_tmf90. This results in BUG_ON() when running an RT kernel.\n\n[ 659.343280] BUG: using smp_processor_id() in preemptible [00000000] code: sg_reset/3646\n[ 659.343282] caller is qedf_execute_tmf+0x8b/0x360 [qedf]"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/scsi/qedf/qedf_io.c"], "versions": [{"version": "1da177e4c3f4", "lessThan": "4f314aadeed8", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "5ceb40cdee72", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "0a8a91932b27", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "fa49c65a1cec", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "b6ded5316ec5", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "2b9c7787cfcd", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "0d8b637c9c5e", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/scsi/qedf/qedf_io.c"], "versions": [{"version": "5.4.280", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.222", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.163", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.98", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.39", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.9.9", "lessThanOrEqual": "6.9.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.10", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/4f314aadeed8cdf42c8cf30769425b5e44702748"}, {"url": "https://git.kernel.org/stable/c/5ceb40cdee721e13cbe15a0515cacf984e11236b"}, {"url": "https://git.kernel.org/stable/c/0a8a91932b2772e75bf3f6d133ca4225d1d3e920"}, {"url": "https://git.kernel.org/stable/c/fa49c65a1cec6a3901ef884fdb24d98068b63493"}, {"url": "https://git.kernel.org/stable/c/b6ded5316ec56e973dcf5f9997945aad01a9f062"}, {"url": "https://git.kernel.org/stable/c/2b9c7787cfcd1e76d873a78f16cf45bfa4b100ea"}, {"url": "https://git.kernel.org/stable/c/0d8b637c9c5eeaa1a4e3dfb336f3ff918eb64fec"}], "title": "scsi: qedf: Make qedf_execute_tmf() non-preemptible", "x_generator": {"engine": "bippy-9e1c9544281a"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:54:32.246Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/4f314aadeed8cdf42c8cf30769425b5e44702748", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/5ceb40cdee721e13cbe15a0515cacf984e11236b", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/0a8a91932b2772e75bf3f6d133ca4225d1d3e920", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/fa49c65a1cec6a3901ef884fdb24d98068b63493", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b6ded5316ec56e973dcf5f9997945aad01a9f062", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/2b9c7787cfcd1e76d873a78f16cf45bfa4b100ea", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/0d8b637c9c5eeaa1a4e3dfb336f3ff918eb64fec", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-42124", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T16:16:47.741543Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:33:04.801Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/4f314aadeed8cdf42c8cf30769425b5e44702748", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/5ceb40cdee721e13cbe15a0515cacf984e11236b", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/0a8a91932b2772e75bf3f6d133ca4225d1d3e920", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/fa49c65a1cec6a3901ef884fdb24d98068b63493", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b6ded5316ec56e973dcf5f9997945aad01a9f062", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/2b9c7787cfcd1e76d873a78f16cf45bfa4b100ea", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/0d8b637c9c5eeaa1a4e3dfb336f3ff918eb64fec", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:54:32.246Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-42124", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T16:16:47.741543Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:14.428Z"}}], "cna": {"title": "scsi: qedf: Make qedf_execute_tmf() non-preemptible", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "1da177e4c3f4", "lessThan": "4f314aadeed8", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "5ceb40cdee72", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "0a8a91932b27", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "fa49c65a1cec", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "b6ded5316ec5", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "2b9c7787cfcd", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "0d8b637c9c5e", "versionType": "git"}], "programFiles": ["drivers/scsi/qedf/qedf_io.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "unaffected", "version": "5.4.280", "versionType": "semver", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.222", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.163", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.98", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.39", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.9.9", "versionType": "semver", "lessThanOrEqual": "6.9.*"}, {"status": "unaffected", "version": "6.10", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/scsi/qedf/qedf_io.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/4f314aadeed8cdf42c8cf30769425b5e44702748"}, {"url": "https://git.kernel.org/stable/c/5ceb40cdee721e13cbe15a0515cacf984e11236b"}, {"url": "https://git.kernel.org/stable/c/0a8a91932b2772e75bf3f6d133ca4225d1d3e920"}, {"url": "https://git.kernel.org/stable/c/fa49c65a1cec6a3901ef884fdb24d98068b63493"}, {"url": "https://git.kernel.org/stable/c/b6ded5316ec56e973dcf5f9997945aad01a9f062"}, {"url": "https://git.kernel.org/stable/c/2b9c7787cfcd1e76d873a78f16cf45bfa4b100ea"}, {"url": "https://git.kernel.org/stable/c/0d8b637c9c5eeaa1a4e3dfb336f3ff918eb64fec"}], "x_generator": {"engine": "bippy-9e1c9544281a"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qedf: Make qedf_execute_tmf() non-preemptible\n\nStop calling smp_processor_id() from preemptible code in\nqedf_execute_tmf90. This results in BUG_ON() when running an RT kernel.\n\n[ 659.343280] BUG: using smp_processor_id() in preemptible [00000000] code: sg_reset/3646\n[ 659.343282] caller is qedf_execute_tmf+0x8b/0x360 [qedf]"}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-05T09:37:52.446Z"}}}, "cveMetadata": {"cveId": "CVE-2024-42124", "state": "PUBLISHED", "dateUpdated": "2024-11-05T09:37:52.446Z", "dateReserved": "2024-07-29T15:50:41.179Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-07-30T07:46:16.052Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qedf: Make qedf_execute_tmf() non-preemptible\n\nStop calling smp_processor_id() from preemptible code in\nqedf_execute_tmf90. This results in BUG_ON() when running an RT kernel.\n\n[ 659.343280] BUG: using smp_processor_id() in preemptible [00000000] code: sg_reset/3646\n[ 659.343282] caller is qedf_execute_tmf+0x8b/0x360 [qedf]"}, {"lang": "es", "value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: scsi: qedf: Hacer que qedf_execute_tmf() no sea preferible Dejar de llamar a smp_processor_id() desde c\u00f3digo preferente en qedf_execute_tmf90. Esto da como resultado BUG_ON() cuando se ejecuta un kernel RT. [659.343280] ERROR: uso de smp_processor_id() en c\u00f3digo interrumpible [00000000]: sg_reset/3646 [659.343282] la persona que llama es qedf_execute_tmf+0x8b/0x360 [qedf]"}], "id": "CVE-2024-42124", "lastModified": "2024-07-30T13:32:45.943", "metrics": {}, "published": "2024-07-30T08:15:04.577", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/0a8a91932b2772e75bf3f6d133ca4225d1d3e920"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/0d8b637c9c5eeaa1a4e3dfb336f3ff918eb64fec"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/2b9c7787cfcd1e76d873a78f16cf45bfa4b100ea"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/4f314aadeed8cdf42c8cf30769425b5e44702748"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/5ceb40cdee721e13cbe15a0515cacf984e11236b"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/b6ded5316ec56e973dcf5f9997945aad01a9f062"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/fa49c65a1cec6a3901ef884fdb24d98068b63493"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"affected_release": [{"advisory": "RHSA-2024:7001", "cpe": "cpe:/a:redhat:enterprise_linux:8::nfv", "package": "kernel-rt-0:4.18.0-553.22.1.rt7.363.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-09-24T00:00:00Z"}, {"advisory": "RHSA-2024:7000", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "kernel-0:4.18.0-553.22.1.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-09-24T00:00:00Z"}, {"advisory": "RHSA-2024:9315", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-503.11.1.el9_5", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-11-12T00:00:00Z"}, {"advisory": "RHSA-2024:9315", "cpe": "cpe:/o:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-503.11.1.el9_5", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-11-12T00:00:00Z"}], "bugzilla": {"description": "kernel: scsi: qedf: Make qedf_execute_tmf() non-preemptible", "id": "2301489", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2301489"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-372", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nscsi: qedf: Make qedf_execute_tmf() non-preemptible\nStop calling smp_processor_id() from preemptible code in\nqedf_execute_tmf90. This results in BUG_ON() when running an RT kernel.\n[ 659.343280] BUG: using smp_processor_id() in preemptible [00000000] code: sg_reset/3646\n[ 659.343282] caller is qedf_execute_tmf+0x8b/0x360 [qedf]"], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-42124", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Will not fix", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-07-30T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-42124\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-42124\nhttps://lore.kernel.org/linux-cve-announce/2024073025-CVE-2024-42124-e4ad@gregkh/T"], "threat_severity": "Moderate", "upstream_fix": "kernel 5.4.280, kernel 5.10.222, kernel 5.15.163, kernel 6.1.98, kernel 6.6.39, kernel 6.9.9, kernel 6.10"}