{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-42230", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-07-30T07:40:12.250Z", "datePublished": "2024-07-30T07:47:10.703Z", "dateUpdated": "2024-09-11T17:34:32.851Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-07-30T07:47:10.703Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/pseries: Fix scv instruction crash with kexec\n\nkexec on pseries disables AIL (reloc_on_exc), required for scv\ninstruction support, before other CPUs have been shut down. This means\nthey can execute scv instructions after AIL is disabled, which causes an\ninterrupt at an unexpected entry location that crashes the kernel.\n\nChange the kexec sequence to disable AIL after other CPUs have been\nbrought down.\n\nAs a refresher, the real-mode scv interrupt vector is 0x17000, and the\nfixed-location head code probably couldn't easily deal with implementing\nsuch high addresses so it was just decided not to support that interrupt\nat all."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["arch/powerpc/kexec/core_64.c", "arch/powerpc/platforms/pseries/kexec.c", "arch/powerpc/platforms/pseries/pseries.h", "arch/powerpc/platforms/pseries/setup.c"], "versions": [{"version": "7fa95f9adaee", "lessThan": "c550679d6047", "status": "affected", "versionType": "git"}, {"version": "7fa95f9adaee", "lessThan": "d10e3c39001e", "status": "affected", "versionType": "git"}, {"version": "7fa95f9adaee", "lessThan": "8c6506616386", "status": "affected", "versionType": "git"}, {"version": "7fa95f9adaee", "lessThan": "21a741eb75f8", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["arch/powerpc/kexec/core_64.c", "arch/powerpc/platforms/pseries/kexec.c", "arch/powerpc/platforms/pseries/pseries.h", "arch/powerpc/platforms/pseries/setup.c"], "versions": [{"version": "5.9", "status": "affected"}, {"version": "0", "lessThan": "5.9", "status": "unaffected", "versionType": "custom"}, {"version": "6.1.98", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.6.39", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.9.9", "lessThanOrEqual": "6.9.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.10", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/c550679d604798d9fed8a5b2bb5693448a25407c"}, {"url": "https://git.kernel.org/stable/c/d10e3c39001e9194b9a1bfd6979bd3fa19dccdc5"}, {"url": "https://git.kernel.org/stable/c/8c6506616386ce37e59b2745fc481c6713fae4f3"}, {"url": "https://git.kernel.org/stable/c/21a741eb75f80397e5f7d3739e24d7d75e619011"}], "title": "powerpc/pseries: Fix scv instruction crash with kexec", "x_generator": {"engine": "bippy-c9c4e1df01b2"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:54:32.571Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/c550679d604798d9fed8a5b2bb5693448a25407c", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/d10e3c39001e9194b9a1bfd6979bd3fa19dccdc5", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/8c6506616386ce37e59b2745fc481c6713fae4f3", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/21a741eb75f80397e5f7d3739e24d7d75e619011", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-42230", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T16:14:24.948809Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:34:32.851Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/c550679d604798d9fed8a5b2bb5693448a25407c", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/d10e3c39001e9194b9a1bfd6979bd3fa19dccdc5", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/8c6506616386ce37e59b2745fc481c6713fae4f3", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/21a741eb75f80397e5f7d3739e24d7d75e619011", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:54:32.571Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-42230", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T16:14:24.948809Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:24.362Z"}}], "cna": {"title": "powerpc/pseries: Fix scv instruction crash with kexec", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "7fa95f9adaee", "lessThan": "c550679d6047", "versionType": "git"}, {"status": "affected", "version": "7fa95f9adaee", "lessThan": "d10e3c39001e", "versionType": "git"}, {"status": "affected", "version": "7fa95f9adaee", "lessThan": "8c6506616386", "versionType": "git"}, {"status": "affected", "version": "7fa95f9adaee", "lessThan": "21a741eb75f8", "versionType": "git"}], "programFiles": ["arch/powerpc/kexec/core_64.c", "arch/powerpc/platforms/pseries/kexec.c", "arch/powerpc/platforms/pseries/pseries.h", "arch/powerpc/platforms/pseries/setup.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "5.9"}, {"status": "unaffected", "version": "0", "lessThan": "5.9", "versionType": "custom"}, {"status": "unaffected", "version": "6.1.98", "versionType": "custom", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.39", "versionType": "custom", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.9.9", "versionType": "custom", "lessThanOrEqual": "6.9.*"}, {"status": "unaffected", "version": "6.10", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["arch/powerpc/kexec/core_64.c", "arch/powerpc/platforms/pseries/kexec.c", "arch/powerpc/platforms/pseries/pseries.h", "arch/powerpc/platforms/pseries/setup.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/c550679d604798d9fed8a5b2bb5693448a25407c"}, {"url": "https://git.kernel.org/stable/c/d10e3c39001e9194b9a1bfd6979bd3fa19dccdc5"}, {"url": "https://git.kernel.org/stable/c/8c6506616386ce37e59b2745fc481c6713fae4f3"}, {"url": "https://git.kernel.org/stable/c/21a741eb75f80397e5f7d3739e24d7d75e619011"}], "x_generator": {"engine": "bippy-c9c4e1df01b2"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/pseries: Fix scv instruction crash with kexec\n\nkexec on pseries disables AIL (reloc_on_exc), required for scv\ninstruction support, before other CPUs have been shut down. This means\nthey can execute scv instructions after AIL is disabled, which causes an\ninterrupt at an unexpected entry location that crashes the kernel.\n\nChange the kexec sequence to disable AIL after other CPUs have been\nbrought down.\n\nAs a refresher, the real-mode scv interrupt vector is 0x17000, and the\nfixed-location head code probably couldn't easily deal with implementing\nsuch high addresses so it was just decided not to support that interrupt\nat all."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-07-30T07:47:10.703Z"}}}, "cveMetadata": {"cveId": "CVE-2024-42230", "state": "PUBLISHED", "dateUpdated": "2024-09-11T17:34:32.851Z", "dateReserved": "2024-07-30T07:40:12.250Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-07-30T07:47:10.703Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "A7E92232-0258-4DF2-8BAB-A29F93F78C0D", "versionEndExcluding": "6.1.98", "versionStartIncluding": "5.9", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "25B0CC37-7862-4BB8-9603-1132387FAD81", "versionEndIncluding": "6.6.39", "versionStartIncluding": "6.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "ADCC1407-0CB3-4C8F-B4C5-07F682CD7085", "versionEndExcluding": "6.9.9", "versionStartIncluding": "6.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc1:*:*:*:*:*:*", "matchCriteriaId": "2EBB4392-5FA6-4DA9-9772-8F9C750109FA", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc2:*:*:*:*:*:*", "matchCriteriaId": "331C2F14-12C7-45D5-893D-8C52EE38EA10", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc3:*:*:*:*:*:*", "matchCriteriaId": "3173713D-909A-4DD3-9DD4-1E171EB057EE", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc4:*:*:*:*:*:*", "matchCriteriaId": "79F18AFA-40F7-43F0-BA30-7BDB65F918B9", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc5:*:*:*:*:*:*", "matchCriteriaId": "BD973AA4-A789-49BD-8D57-B2846935D3C7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc6:*:*:*:*:*:*", "matchCriteriaId": "8F3E9E0C-AC3E-4967-AF80-6483E8AB0078", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/pseries: Fix scv instruction crash with kexec\n\nkexec on pseries disables AIL (reloc_on_exc), required for scv\ninstruction support, before other CPUs have been shut down. This means\nthey can execute scv instructions after AIL is disabled, which causes an\ninterrupt at an unexpected entry location that crashes the kernel.\n\nChange the kexec sequence to disable AIL after other CPUs have been\nbrought down.\n\nAs a refresher, the real-mode scv interrupt vector is 0x17000, and the\nfixed-location head code probably couldn't easily deal with implementing\nsuch high addresses so it was just decided not to support that interrupt\nat all."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: powerpc/pseries: corrige el fallo de la instrucci\u00f3n scv con kexec kexec en pseries desactiva AIL (reloc_on_exc), necesario para el soporte de instrucciones scv, antes de que se apaguen otras CPU. Esto significa que pueden ejecutar instrucciones scv despu\u00e9s de que AIL est\u00e9 desactivado, lo que provoca una interrupci\u00f3n en una ubicaci\u00f3n de entrada inesperada que bloquea el kernel. Cambie la secuencia kexec para deshabilitar AIL despu\u00e9s de que se hayan desactivado otras CPU. Como repaso, el vector de interrupci\u00f3n scv en modo real es 0x17000, y el c\u00f3digo principal de ubicaci\u00f3n fija probablemente no podr\u00eda manejar f\u00e1cilmente la implementaci\u00f3n de direcciones tan altas, por lo que simplemente se decidi\u00f3 no admitir esa interrupci\u00f3n en absoluto."}], "id": "CVE-2024-42230", "lastModified": "2024-07-30T19:32:51.137", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-07-30T08:15:08.193", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/21a741eb75f80397e5f7d3739e24d7d75e619011"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/8c6506616386ce37e59b2745fc481c6713fae4f3"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/c550679d604798d9fed8a5b2bb5693448a25407c"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/d10e3c39001e9194b9a1bfd6979bd3fa19dccdc5"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: powerpc/pseries: Fix scv instruction crash with kexec", "id": "2301547", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2301547"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-99", "details": ["In the Linux kernel, the following vulnerability has been resolved:\npowerpc/pseries: Fix scv instruction crash with kexec\nkexec on pseries disables AIL (reloc_on_exc), required for scv\ninstruction support, before other CPUs have been shut down. This means\nthey can execute scv instructions after AIL is disabled, which causes an\ninterrupt at an unexpected entry location that crashes the kernel.\nChange the kexec sequence to disable AIL after other CPUs have been\nbrought down.\nAs a refresher, the real-mode scv interrupt vector is 0x17000, and the\nfixed-location head code probably couldn't easily deal with implementing\nsuch high addresses so it was just decided not to support that interrupt\nat all."], "name": "CVE-2024-42230", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-07-30T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-42230\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-42230\nhttps://lore.kernel.org/linux-cve-announce/2024073039-CVE-2024-42230-a46d@gregkh/T"], "threat_severity": "Low"}