U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database

Vulnerability Change Records for CVE-2024-48876

Change History

New CVE Received from kernel.org 1/11/2025 8:15:23 AM

Action Type Old Value New Value
Added Description 

								
							
							
								
							
						
								
							
								
In the Linux kernel, the following vulnerability has been resolved:

stackdepot: fix stack_depot_save_flags() in NMI context

Per documentation, stack_depot_save_flags() was meant to be usable from
NMI context if STACK_DEPOT_FLAG_CAN_ALLOC is unset.  However, it still
would try to take the pool_lock in an attempt to save a stack trace in the
current pool (if space is available).

This could result in deadlock if an NMI is handled while pool_lock is
already held.  To avoid deadlock, only try to take the lock in NMI context
and give up if unsuccessful.

The documentation is fixed to clearly convey this.

								
								
					

					

						Added
						Reference
						
							
							
								
							
								

								
							
							
								
							
						
								
							
								
https://git.kernel.org/stable/c/031e04bdc834cda3b054ef6b698503b2b97e8186

								
								
					

					

						Added
						Reference
						
							
							
								
							
								

								
							
							
								
							
						
								
							
								
https://git.kernel.org/stable/c/9bfeeeff2c92b9dd261198b601b45bde4c529841