CVE-2024-37353
Detail
Rejected This CVE has been marked Rejected in the CVE List. These CVEs are stored in the NVD, but do not show up in search results by default.
Description
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Metrics
CVSS Version 4.0
CVSS Version 3.x
CVSS Version 2.0
NVD enrichment efforts reference publicly available information to associate
vector strings. CVSS information contributed by other sources is also
displayed.
CVSS 4.0 Severity and Vector Strings:
NVD assessment
not yet provided.
CVSS 3.x Severity and Vector Strings:
NVD assessment
not yet provided.
CVSS 2.0 Severity and Vector Strings:
NVD assessment
not yet provided.
References to Advisories, Solutions, and Tools
By selecting these links, you will be leaving NIST webspace.
We have provided these links to other web sites because they
may have information that would be of interest to you. No
inferences should be drawn on account of other sites being
referenced, or not, from this page. There may be other web
sites that are more appropriate for your purpose. NIST does
not necessarily endorse the views expressed, or concur with
the facts presented on these sites. Further, NIST does not
endorse any commercial products that may be mentioned on
these sites. Please address comments about this page to [email protected]
Change History
6 change records found show changes
CVE Translated by kernel.org 8/21/2024 8:15:05 PM
Action
Type
Old Value
New Value
Removed
Translation
Record truncated, showing 2048 of 2992 characters. View Entire Change Record Title: kernel de Linux
Description: En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: virtio: eliminar vq en vp_find_vqs_msix() cuando request_irq() falla Cuando request_irq() falla, la ruta de error llama a vp_del_vqs(). Allí, como vq está presente en la lista, se llama a free_irq() para el mismo vector. Eso provoca el siguiente símbolo: [0.414355] Intentando liberar IRQ 27 que ya está libre [0.414403] ADVERTENCIA: CPU: 1 PID: 1 en kernel/irq/manage.c:1899 free_irq+0x1a1/0x2d0 [0.414510] Módulos vinculados en: [ 0.414540] CPU: 1 PID: 1 Comunicaciones: swapper/0 No contaminado 6.9.0-rc4+ #27 [ 0.414540] Nombre de hardware: PC estándar QEMU (i440FX + PIIX, 1996), BIOS 1.16.3-1.fc39 04/01 /2014 [0.414540] RIP: 0010:free_irq+0x1a1/0x2d0 [0.414540] Código: 1e 00 48 83 c4 08 48 89 e8 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc 90 8b 74 24 04 48 c7 c7 98 80 6c b1 e8 00 c9 f7 ff 90 <0f> 0b 90 90 48 89 ee 4c 89 ef e8 e0 20 b8 00 49 8b 47 40 48 8b 40 [ 0.414540] RSP: 0000:ffffb71480013ae0 EFLAGS: 00010086 [0,414540] RAX : 0000000000000000 RBX: ffffa099c2722000 RCX: 0000000000000000 [ 0.414540] RDX: 0000000000000000 RSI: ffffb71480013998 RDI: 0000000000000 001 [ 0.414540] RBP: 0000000000000246 R08: 00000000ffffdfff R09: 0000000000000001 [ 0.414540] R10: 00000000ffffdfff R11: fffffffb18729c0 fffa099c1c91760 [ 0.414540] R13: fffa099c1c916a4 R14: ffffa099c1d2f200 R15: ffffa099c1c91600 [ 0.414540] FS: 0000000000000000(0000) GS:ffffa099fec40000(0000) knlGS:0000000000000000 [ 0.41454 0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 0.414540] CR2: 0000000000000000 CR3: 0000000008e3e001 CR4: 0000000000370ef0 [0.414540] Seguimiento de llamadas: [0.414540] [0.414540]? __advertir+0x80/0x120 [0.414540]? free_irq+0x1a1/0x2d0 [0.414540]? report_bug+0x164/0x190 [0.414540]? handle_bug+0x3b/0x70 [0.414540]? exc_invalid_op+0x17/0x70 [0.414540]? asm_exc_invalid_op+0x1a/0x20 [0.414540]? free_irq+0x1a1/0x2d0 [ 0.414540] vp_del_vqs+0xc1/0x220 [ 0.414540] vp_find_vqs_msix+0x305/0x470 [ 0.414540] vp_find_vqs+0x3e/0x1a0
CVE Modified by kernel.org 8/21/2024 8:15:05 PM
Action
Type
Old Value
New Value
Changed
Description
Record truncated, showing 2048 of 3095 characters. View Entire Change Record In the Linux kernel, the following vulnerability has been resolved:
virtio: delete vq in vp_find_vqs_msix() when request_irq() fails
When request_irq() fails, error path calls vp_del_vqs(). There, as vq is
present in the list, free_irq() is called for the same vector. That
causes following splat:
[ 0.414355] Trying to free already-free IRQ 27
[ 0.414403] WARNING: CPU: 1 PID: 1 at kernel/irq/manage.c:1899 free_irq+0x1a1/0x2d0
[ 0.414510] Modules linked in:
[ 0.414540] CPU: 1 PID: 1 Comm: swapper/0 Not tainted 6.9.0-rc4+ #27
[ 0.414540] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-1.fc39 04/01/2014
[ 0.414540] RIP: 0010:free_irq+0x1a1/0x2d0
[ 0.414540] Code: 1e 00 48 83 c4 08 48 89 e8 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc 90 8b 74 24 04 48 c7 c7 98 80 6c b1 e8 00 c9 f7 ff 90 <0f> 0b 90 90 48 89 ee 4c 89 ef e8 e0 20 b8 00 49 8b 47 40 48 8b 40
[ 0.414540] RSP: 0000:ffffb71480013ae0 EFLAGS: 00010086
[ 0.414540] RAX: 0000000000000000 RBX: ffffa099c2722000 RCX: 0000000000000000
[ 0.414540] RDX: 0000000000000000 RSI: ffffb71480013998 RDI: 0000000000000001
[ 0.414540] RBP: 0000000000000246 R08: 00000000ffffdfff R09: 0000000000000001
[ 0.414540] R10: 00000000ffffdfff R11: ffffffffb18729c0 R12: ffffa099c1c91760
[ 0.414540] R13: ffffa099c1c916a4 R14: ffffa099c1d2f200 R15: ffffa099c1c91600
[ 0.414540] FS: 0000000000000000(0000) GS:ffffa099fec40000(0000) knlGS:0000000000000000
[ 0.414540] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 0.414540] CR2: 0000000000000000 CR3: 0000000008e3e001 CR4: 0000000000370ef0
[ 0.414540] Call Trace:
[ 0.414540] <TASK>
[ 0.414540] ? __warn+0x80/0x120
[ 0.414540] ? free_irq+0x1a1/0x2d0
[ 0.414540] ? report_bug+0x164/0x190
[ 0.414540] ? handle_bug+0x3b/0x70
[ 0.414540] ? exc_invalid_op+0x17/0x70
[ 0.414540] ? asm_exc_invalid_op+0x1a/0x20
[ 0.414540] ? free_irq+0x1a1/0x2d0
[ 0.414540] vp_del_vqs+0xc1/0x220
[ 0.414540] vp_find_vqs_msix+0x305/0x470
[ 0.414540] vp_find_
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Removed
Reference
kernel.org https://git.kernel.org/stable/c/04207a9c64e0b16dac842e5b2ecfa53af25bdea7
Removed
Reference
kernel.org https://git.kernel.org/stable/c/42d30da50d5c1ec433fd9551bfddd6887407c352
Removed
Reference
kernel.org https://git.kernel.org/stable/c/43a9aaf63254ab821f0f25fea25698ebe69ea16a
Removed
Reference
kernel.org https://git.kernel.org/stable/c/7fbe54f02a5c77ff5dd65e8ed0b58e3bd8c43e9c
Removed
Reference
kernel.org https://git.kernel.org/stable/c/89875151fccdd024d571aa884ea97a0128b968b6
Removed
Reference
kernel.org https://git.kernel.org/stable/c/abf001651acd1858252764fa39d79e3d0b5c86b2
Removed
Reference
kernel.org https://git.kernel.org/stable/c/bb61a84793858330ba2ca1d202d3779096f6fb54
Removed
Reference
kernel.org https://git.kernel.org/stable/c/cb7a7c8144b434e06aba99b13b045a7efe859587
CVE Rejected by kernel.org 8/21/2024 8:15:05 PM
Action
Type
Old Value
New Value
CVE Modified by kernel.org 7/15/2024 3:15:07 AM
Action
Type
Old Value
New Value
Removed
Reference
kernel.org https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
CVE Modified by kernel.org 6/27/2024 9:16:00 AM
Action
Type
Old Value
New Value
Added
Reference
kernel.org https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html [No types assigned]
New CVE Received from kernel.org 6/21/2024 7:15:10 AM
Action
Type
Old Value
New Value
Added
Description
Record truncated, showing 2048 of 3095 characters. View Entire Change Record In the Linux kernel, the following vulnerability has been resolved:
virtio: delete vq in vp_find_vqs_msix() when request_irq() fails
When request_irq() fails, error path calls vp_del_vqs(). There, as vq is
present in the list, free_irq() is called for the same vector. That
causes following splat:
[ 0.414355] Trying to free already-free IRQ 27
[ 0.414403] WARNING: CPU: 1 PID: 1 at kernel/irq/manage.c:1899 free_irq+0x1a1/0x2d0
[ 0.414510] Modules linked in:
[ 0.414540] CPU: 1 PID: 1 Comm: swapper/0 Not tainted 6.9.0-rc4+ #27
[ 0.414540] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-1.fc39 04/01/2014
[ 0.414540] RIP: 0010:free_irq+0x1a1/0x2d0
[ 0.414540] Code: 1e 00 48 83 c4 08 48 89 e8 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc 90 8b 74 24 04 48 c7 c7 98 80 6c b1 e8 00 c9 f7 ff 90 <0f> 0b 90 90 48 89 ee 4c 89 ef e8 e0 20 b8 00 49 8b 47 40 48 8b 40
[ 0.414540] RSP: 0000:ffffb71480013ae0 EFLAGS: 00010086
[ 0.414540] RAX: 0000000000000000 RBX: ffffa099c2722000 RCX: 0000000000000000
[ 0.414540] RDX: 0000000000000000 RSI: ffffb71480013998 RDI: 0000000000000001
[ 0.414540] RBP: 0000000000000246 R08: 00000000ffffdfff R09: 0000000000000001
[ 0.414540] R10: 00000000ffffdfff R11: ffffffffb18729c0 R12: ffffa099c1c91760
[ 0.414540] R13: ffffa099c1c916a4 R14: ffffa099c1d2f200 R15: ffffa099c1c91600
[ 0.414540] FS: 0000000000000000(0000) GS:ffffa099fec40000(0000) knlGS:0000000000000000
[ 0.414540] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 0.414540] CR2: 0000000000000000 CR3: 0000000008e3e001 CR4: 0000000000370ef0
[ 0.414540] Call Trace:
[ 0.414540] <TASK>
[ 0.414540] ? __warn+0x80/0x120
[ 0.414540] ? free_irq+0x1a1/0x2d0
[ 0.414540] ? report_bug+0x164/0x190
[ 0.414540] ? handle_bug+0x3b/0x70
[ 0.414540] ? exc_invalid_op+0x17/0x70
[ 0.414540] ? asm_exc_invalid_op+0x1a/0x20
[ 0.414540] ? free_irq+0x1a1/0x2d0
[ 0.414540] vp_del_vqs+0xc1/0x220
[ 0.414540] vp_find_vqs_msix+0x305/0x470
[ 0.414540] vp_find_
Added
Reference
kernel.org https://git.kernel.org/stable/c/04207a9c64e0b16dac842e5b2ecfa53af25bdea7 [No types assigned]
Added
Reference
kernel.org https://git.kernel.org/stable/c/42d30da50d5c1ec433fd9551bfddd6887407c352 [No types assigned]
Added
Reference
kernel.org https://git.kernel.org/stable/c/43a9aaf63254ab821f0f25fea25698ebe69ea16a [No types assigned]
Added
Reference
kernel.org https://git.kernel.org/stable/c/7fbe54f02a5c77ff5dd65e8ed0b58e3bd8c43e9c [No types assigned]
Added
Reference
kernel.org https://git.kernel.org/stable/c/89875151fccdd024d571aa884ea97a0128b968b6 [No types assigned]
Added
Reference
kernel.org https://git.kernel.org/stable/c/abf001651acd1858252764fa39d79e3d0b5c86b2 [No types assigned]
Added
Reference
kernel.org https://git.kernel.org/stable/c/bb61a84793858330ba2ca1d202d3779096f6fb54 [No types assigned]
Added
Reference
kernel.org https://git.kernel.org/stable/c/cb7a7c8144b434e06aba99b13b045a7efe859587 [No types assigned]
Quick Info
CVE Dictionary Entry: CVE-2024-37353 NVD
Published Date: 06/21/2024 NVD
Last Modified: 08/21/2024
Source: kernel.org
) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
