{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-43872", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-08-17T09:11:59.281Z", "datePublished": "2024-08-21T00:06:24.041Z", "dateUpdated": "2024-09-15T17:54:40.557Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-09-15T17:54:40.557Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/hns: Fix soft lockup under heavy CEQE load\n\nCEQEs are handled in interrupt handler currently. This may cause the\nCPU core staying in interrupt context too long and lead to soft lockup\nunder heavy load.\n\nHandle CEQEs in BH workqueue and set an upper limit for the number of\nCEQE handled by a single call of work handler."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/infiniband/hw/hns/hns_roce_device.h", "drivers/infiniband/hw/hns/hns_roce_hw_v2.c"], "versions": [{"version": "a5073d6054f7", "lessThan": "06580b33c183", "status": "affected", "versionType": "git"}, {"version": "a5073d6054f7", "lessThan": "2fdf34038369", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/infiniband/hw/hns/hns_roce_device.h", "drivers/infiniband/hw/hns/hns_roce_hw_v2.c"], "versions": [{"version": "4.16", "status": "affected"}, {"version": "0", "lessThan": "4.16", "status": "unaffected", "versionType": "custom"}, {"version": "6.10.3", "lessThanOrEqual": "6.10.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.11", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/06580b33c183c9f98e2a2ca96a86137179032c08"}, {"url": "https://git.kernel.org/stable/c/2fdf34038369c0a27811e7b4680662a14ada1d6b"}], "title": "RDMA/hns: Fix soft lockup under heavy CEQE load", "x_generator": {"engine": "bippy-c9c4e1df01b2"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-43872", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T16:06:16.645858Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-12T17:33:18.467Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-43872", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T16:06:16.645858Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:22.673Z"}}], "cna": {"title": "RDMA/hns: Fix soft lockup under heavy CEQE load", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "a5073d6054f7", "lessThan": "06580b33c183", "versionType": "git"}, {"status": "affected", "version": "a5073d6054f7", "lessThan": "2fdf34038369", "versionType": "git"}], "programFiles": ["drivers/infiniband/hw/hns/hns_roce_device.h", "drivers/infiniband/hw/hns/hns_roce_hw_v2.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "4.16"}, {"status": "unaffected", "version": "0", "lessThan": "4.16", "versionType": "custom"}, {"status": "unaffected", "version": "6.10.3", "versionType": "custom", "lessThanOrEqual": "6.10.*"}, {"status": "unaffected", "version": "6.11", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/infiniband/hw/hns/hns_roce_device.h", "drivers/infiniband/hw/hns/hns_roce_hw_v2.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/06580b33c183c9f98e2a2ca96a86137179032c08"}, {"url": "https://git.kernel.org/stable/c/2fdf34038369c0a27811e7b4680662a14ada1d6b"}], "x_generator": {"engine": "bippy-c9c4e1df01b2"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/hns: Fix soft lockup under heavy CEQE load\n\nCEQEs are handled in interrupt handler currently. This may cause the\nCPU core staying in interrupt context too long and lead to soft lockup\nunder heavy load.\n\nHandle CEQEs in BH workqueue and set an upper limit for the number of\nCEQE handled by a single call of work handler."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-09-15T17:54:40.557Z"}}}, "cveMetadata": {"cveId": "CVE-2024-43872", "state": "PUBLISHED", "dateUpdated": "2024-09-15T17:54:40.557Z", "dateReserved": "2024-08-17T09:11:59.281Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-08-21T00:06:24.041Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "B2194910-A867-4355-9344-95E7D3E499E3", "versionEndExcluding": "6.10.3", "versionStartIncluding": "4.16", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/hns: Fix soft lockup under heavy CEQE load\n\nCEQEs are handled in interrupt handler currently. This may cause the\nCPU core staying in interrupt context too long and lead to soft lockup\nunder heavy load.\n\nHandle CEQEs in BH workqueue and set an upper limit for the number of\nCEQE handled by a single call of work handler."}, {"lang": "es", "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: RDMA/hns: corrige el bloqueo suave bajo carga pesada de CEQE. Actualmente, los CEQE se manejan en el controlador de interrupciones. Esto puede hacer que el n\u00facleo de la CPU permanezca en el contexto de interrupci\u00f3n durante demasiado tiempo y provocar un bloqueo suave bajo una carga pesada. Maneje CEQE en la cola de trabajo de BH y establezca un l\u00edmite superior para la cantidad de CEQE manejados por una sola llamada de controlador de trabajo."}], "id": "CVE-2024-43872", "lastModified": "2024-09-03T13:38:34.867", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-08-21T01:15:11.740", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/06580b33c183c9f98e2a2ca96a86137179032c08"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/2fdf34038369c0a27811e7b4680662a14ada1d6b"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-667"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: RDMA/hns: Fix soft lockup under heavy CEQE load", "id": "2306366", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2306366"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-99", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nRDMA/hns: Fix soft lockup under heavy CEQE load\nCEQEs are handled in interrupt handler currently. This may cause the\nCPU core staying in interrupt context too long and lead to soft lockup\nunder heavy load.\nHandle CEQEs in BH workqueue and set an upper limit for the number of\nCEQE handled by a single call of work handler."], "name": "CVE-2024-43872", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-08-21T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-43872\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-43872\nhttps://lore.kernel.org/linux-cve-announce/2024082136-CVE-2024-43872-c87e@gregkh/T"], "threat_severity": "Moderate"}