U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database

Vulnerability Change Records for CVE-2024-37353

Change History

CVE Translated by kernel.org 8/21/2024 8:15:05 PM

Action Type Old Value New Value
Removed Translation 
Title: kernel de Linux
Description: En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: virtio: eliminar vq en vp_find_vqs_msix() cuando request_irq() falla Cuando request_irq() falla, la ruta de error llama a vp_del_vqs(). Allí, como vq está presente en la lista, se llama a free_irq() para el mismo vector. Eso provoca el siguiente símbolo: [0.414355] Intentando liberar IRQ 27 que ya está libre [0.414403] ADVERTENCIA: CPU: 1 PID: 1 en kernel/irq/manage.c:1899 free_irq+0x1a1/0x2d0 [0.414510] Módulos vinculados en: [ 0.414540] CPU: 1 PID: 1 Comunicaciones: swapper/0 No contaminado 6.9.0-rc4+ #27 [ 0.414540] Nombre de hardware: PC estándar QEMU (i440FX + PIIX, 1996), BIOS 1.16.3-1.fc39 04/01 /2014 [0.414540] RIP: 0010:free_irq+0x1a1/0x2d0 [0.414540] Código: 1e 00 48 83 c4 08 48 89 e8 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc 90 8b 74 24 04 48 c7 c7 98 80 6c b1 e8 00 c9 f7 ff 90 <0f> 0b 90 90 48 89 ee 4c 89 ef e8 e0 20 b8 00 49 8b 47 40 48 8b 40 [ 0.414540] RSP: 0000:ffffb71480013ae0 EFLAGS: 00010086 [0,414540] RAX : 0000000000000000 RBX: ffffa099c2722000 RCX: 0000000000000000 [ 0.414540] RDX: 0000000000000000 RSI: ffffb71480013998 RDI: 0000000000000 001 [ 0.414540] RBP: 0000000000000246 R08: 00000000ffffdfff R09: 0000000000000001 [ 0.414540] R10: 00000000ffffdfff R11: fffffffb18729c0 fffa099c1c91760 [ 0.414540] R13: fffa099c1c916a4 R14: ffffa099c1d2f200 R15: ffffa099c1c91600 [ 0.414540] FS: 0000000000000000(0000) GS:ffffa099fec40000(0000) knlGS:0000000000000000 [ 0.41454 0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 0.414540] CR2: 0000000000000000 CR3: 0000000008e3e001 CR4: 0000000000370ef0 [0.414540] Seguimiento de llamadas: [0.414540]  [0.414540]? __advertir+0x80/0x120 [0.414540]? free_irq+0x1a1/0x2d0 [0.414540]? report_bug+0x164/0x190 [0.414540]? handle_bug+0x3b/0x70 [0.414540]? exc_invalid_op+0x17/0x70 [0.414540]? asm_exc_invalid_op+0x1a/0x20 [0.414540]? free_irq+0x1a1/0x2d0 [ 0.414540] vp_del_vqs+0xc1/0x220 [ 0.414540] vp_find_vqs_msix+0x305/0x470 [ 0.414540] vp_find_vqs+0x3e/0x1a0 [ 0.414540 ] vp_modern_find_vqs+0x1b/0x70 [ 0.414540] init_vqs+0x387/0x600 [ 0.414540] virtnet_probe+ 0x50a/0xc80 [0.414540] virtio_dev_probe+0x1e0/0x2b0 [0.414540]realmente_probe+0xc0/0x2c0 [0.414540]? __pfx___driver_attach+0x10/0x10 [ 0.414540] __driver_probe_device+0x73/0x120 [ 0.414540] driver_probe_device+0x1f/0xe0 [ 0.414540] __driver_attach+0x88/0x180 [ 0.414540] _for_each_dev+0x85/0xd0 [ 0.414540] bus_add_driver+0xec/0x1f0 [ 0.414540] driver_register+ 0x59/0x100 [0,414540]? __pfx_virtio_net_driver_init+0x10/0x10 [ 0.414540] virtio_net_driver_init+0x90/0xb0 [ 0.414540] do_one_initcall+0x58/0x230 [ 0.414540] kernel_init_freeable+0x1a3/0x2d0 [ 0.41 4540] ? __pfx_kernel_init+0x10/0x10 [0.414540] kernel_init+0x1a/0x1c0 [0.414540] ret_from_fork+0x31/0x50 [0.414540]? __pfx_kernel_init+0x10/0x10 [ 0.414540] ret_from_fork_asm+0x1a/0x30 [ 0.414540]  Solucione este problema llamando a eliminar el vq actual cuando request_irq() falla.
 

								
								
					

				
			




		

	
		

			 
			

				CVE Modified by kernel.org 8/21/2024 8:15:05 PM
			



			

				 
					

						Action
						Type
						Old Value
						New Value
					

				
				
					

						Changed
						Description
						
							
							
								
							
								
In the Linux kernel, the following vulnerability has been resolved:

virtio: delete vq in vp_find_vqs_msix() when request_irq() fails

When request_irq() fails, error path calls vp_del_vqs(). There, as vq is
present in the list, free_irq() is called for the same vector. That
causes following splat:

[    0.414355] Trying to free already-free IRQ 27
[    0.414403] WARNING: CPU: 1 PID: 1 at kernel/irq/manage.c:1899 free_irq+0x1a1/0x2d0
[    0.414510] Modules linked in:
[    0.414540] CPU: 1 PID: 1 Comm: swapper/0 Not tainted 6.9.0-rc4+ #27
[    0.414540] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-1.fc39 04/01/2014
[    0.414540] RIP: 0010:free_irq+0x1a1/0x2d0
[    0.414540] Code: 1e 00 48 83 c4 08 48 89 e8 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc 90 8b 74 24 04 48 c7 c7 98 80 6c b1 e8 00 c9 f7 ff 90 <0f> 0b 90 90 48 89 ee 4c 89 ef e8 e0 20 b8 00 49 8b 47 40 48 8b 40
[    0.414540] RSP: 0000:ffffb71480013ae0 EFLAGS: 00010086
[    0.414540] RAX: 0000000000000000 RBX: ffffa099c2722000 RCX: 0000000000000000
[    0.414540] RDX: 0000000000000000 RSI: ffffb71480013998 RDI: 0000000000000001
[    0.414540] RBP: 0000000000000246 R08: 00000000ffffdfff R09: 0000000000000001
[    0.414540] R10: 00000000ffffdfff R11: ffffffffb18729c0 R12: ffffa099c1c91760
[    0.414540] R13: ffffa099c1c916a4 R14: ffffa099c1d2f200 R15: ffffa099c1c91600
[    0.414540] FS:  0000000000000000(0000) GS:ffffa099fec40000(0000) knlGS:0000000000000000
[    0.414540] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[    0.414540] CR2: 0000000000000000 CR3: 0000000008e3e001 CR4: 0000000000370ef0
[    0.414540] Call Trace:
[    0.414540]  <TASK>
[    0.414540]  ? __warn+0x80/0x120
[    0.414540]  ? free_irq+0x1a1/0x2d0
[    0.414540]  ? report_bug+0x164/0x190
[    0.414540]  ? handle_bug+0x3b/0x70
[    0.414540]  ? exc_invalid_op+0x17/0x70
[    0.414540]  ? asm_exc_invalid_op+0x1a/0x20
[    0.414540]  ? free_irq+0x1a1/0x2d0
[    0.414540]  vp_del_vqs+0xc1/0x220
[    0.414540]  vp_find_vqs_msix+0x305/0x470
[    0.414540]  vp_find_vqs+0x3e/0x1a0
[    0.414540]  vp_modern_find_vqs+0x1b/0x70
[    0.414540]  init_vqs+0x387/0x600
[    0.414540]  virtnet_probe+0x50a/0xc80
[    0.414540]  virtio_dev_probe+0x1e0/0x2b0
[    0.414540]  really_probe+0xc0/0x2c0
[    0.414540]  ? __pfx___driver_attach+0x10/0x10
[    0.414540]  __driver_probe_device+0x73/0x120
[    0.414540]  driver_probe_device+0x1f/0xe0
[    0.414540]  __driver_attach+0x88/0x180
[    0.414540]  bus_for_each_dev+0x85/0xd0
[    0.414540]  bus_add_driver+0xec/0x1f0
[    0.414540]  driver_register+0x59/0x100
[    0.414540]  ? __pfx_virtio_net_driver_init+0x10/0x10
[    0.414540]  virtio_net_driver_init+0x90/0xb0
[    0.414540]  do_one_initcall+0x58/0x230
[    0.414540]  kernel_init_freeable+0x1a3/0x2d0
[    0.414540]  ? __pfx_kernel_init+0x10/0x10
[    0.414540]  kernel_init+0x1a/0x1c0
[    0.414540]  ret_from_fork+0x31/0x50
[    0.414540]  ? __pfx_kernel_init+0x10/0x10
[    0.414540]  ret_from_fork_asm+0x1a/0x30
[    0.414540]  </TASK>

Fix this by calling deleting the current vq when request_irq() fails.

								
							
							
								
							
						
								
							
								
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

								
								
					

					

						Removed
						Reference
						
							
							
								
							
								
kernel.org https://git.kernel.org/stable/c/04207a9c64e0b16dac842e5b2ecfa53af25bdea7

								
							
							
								
							
						
								
							
								

								
								
					

					

						Removed
						Reference
						
							
							
								
							
								
kernel.org https://git.kernel.org/stable/c/42d30da50d5c1ec433fd9551bfddd6887407c352

								
							
							
								
							
						
								
							
								

								
								
					

					

						Removed
						Reference
						
							
							
								
							
								
kernel.org https://git.kernel.org/stable/c/43a9aaf63254ab821f0f25fea25698ebe69ea16a

								
							
							
								
							
						
								
							
								

								
								
					

					

						Removed
						Reference
						
							
							
								
							
								
kernel.org https://git.kernel.org/stable/c/7fbe54f02a5c77ff5dd65e8ed0b58e3bd8c43e9c

								
							
							
								
							
						
								
							
								

								
								
					

					

						Removed
						Reference
						
							
							
								
							
								
kernel.org https://git.kernel.org/stable/c/89875151fccdd024d571aa884ea97a0128b968b6

								
							
							
								
							
						
								
							
								

								
								
					

					

						Removed
						Reference
						
							
							
								
							
								
kernel.org https://git.kernel.org/stable/c/abf001651acd1858252764fa39d79e3d0b5c86b2

								
							
							
								
							
						
								
							
								

								
								
					

					

						Removed
						Reference
						
							
							
								
							
								
kernel.org https://git.kernel.org/stable/c/bb61a84793858330ba2ca1d202d3779096f6fb54

								
							
							
								
							
						
								
							
								

								
								
					

					

						Removed
						Reference
						
							
							
								
							
								
kernel.org https://git.kernel.org/stable/c/cb7a7c8144b434e06aba99b13b045a7efe859587

								
							
							
								
							
						
								
							
								

								
								
					

				
			




		

	
		

			 
			

				CVE Rejected by kernel.org 8/21/2024 8:15:05 PM
			



			

				 
					

						Action
						Type
						Old Value
						New Value