{"timestamp":"2024-09-10T16:06:03.924258Z","id":"CVE-2024-43876","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}

[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/pci/controller/pcie-rcar-host.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"9e14fb714ebf55443dd3449de9ea2ffcf13e562a","lessThan":"59c78e8fddc1fe68f14011450a09b3418127d2ad","versionType":"git","status":"affected"},{"version":"84b576146294c2be702cfcd174eaa74167e276f9","lessThan":"2ae4769332dfdb97f4b6f5dc9ac8f46d02aaa3df","versionType":"git","status":"affected"},{"version":"84b576146294c2be702cfcd174eaa74167e276f9","lessThan":"526a877c6273d4cd0d0aede84c1d620479764b1c","versionType":"git","status":"affected"},{"version":"84b576146294c2be702cfcd174eaa74167e276f9","lessThan":"3ff3bdde950f1840df4030726cef156758a244d7","versionType":"git","status":"affected"},{"version":"84b576146294c2be702cfcd174eaa74167e276f9","lessThan":"c93637e6a4c4e1d0e85ef7efac78d066bbb24d96","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/pci/controller/pcie-rcar-host.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"5.18","status":"affected"},{"version":"0","lessThan":"5.18","versionType":"semver","status":"unaffected"},{"version":"6.1.103","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.44","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.10.3","lessThanOrEqual":"6.10.*","versionType":"semver","status":"unaffected"},{"version":"6.11","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]

https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

https://git.kernel.org/stable/c/59c78e8fddc1fe68f14011450a09b3418127d2ad

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

NVD-CWE-noinfo

OR
          *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.7 up to (excluding) 6.10.3
          *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.2 up to (excluding) 6.6.44
          *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.18 up to (excluding) 6.1.103

kernel.org: https://git.kernel.org/stable/c/2ae4769332dfdb97f4b6f5dc9ac8f46d02aaa3df Types: Patch

kernel.org: https://git.kernel.org/stable/c/3ff3bdde950f1840df4030726cef156758a244d7 Types: Patch

kernel.org: https://git.kernel.org/stable/c/526a877c6273d4cd0d0aede84c1d620479764b1c Types: Patch

kernel.org: https://git.kernel.org/stable/c/c93637e6a4c4e1d0e85ef7efac78d066bbb24d96 Types: Patch

In the Linux kernel, the following vulnerability has been resolved:

PCI: rcar: Demote WARN() to dev_warn_ratelimited() in rcar_pcie_wakeup()

Avoid large backtrace, it is sufficient to warn the user that there has
been a link problem. Either the link has failed and the system is in need
of maintenance, or the link continues to work and user has been informed.
The message from the warning can be looked up in the sources.

This makes an actual link issue less verbose.

First of all, this controller has a limitation in that the controller
driver has to assist the hardware with transition to L1 link state by
writing L1IATN to PMCTRL register, the L1 and L0 link state switching
is not fully automatic on this controller.

In case of an ASMedia ASM1062 PCIe SATA controller which does not support
ASPM, on entry to suspend or during platform pm_test, the SATA controller
enters D3hot state and the link enters L1 state. If the SATA controller
wakes up before rcar_pcie_wakeup() was called and returns to D0, the link
returns to L0 before the controller driver even started its transition to
L1 link state. At this point, the SATA controller did send an PM_ENTER_L1
DLLP to the PCIe controller and the PCIe controller received it, and the
PCIe controller did set PMSR PMEL1RX bit.

Once rcar_pcie_wakeup() is called, if the link is already back in L0 state
and PMEL1RX bit is set, the controller driver has no way to determine if
it should perform the link transition to L1 state, or treat the link as if
it is in L0 state. Currently the driver attempts to perform the transition
to L1 link state unconditionally, which in this specific case fails with a
PMSR L1FAEG poll timeout, however the link still works as it is already
back in L0 state.

Reduce this warning verbosity. In case the link is really broken, the
rcar_pcie_config_access() would fail, otherwise it will succeed and any
system with this controller and ASM1062 can suspend without generating
a backtrace.

kernel.org https://git.kernel.org/stable/c/2ae4769332dfdb97f4b6f5dc9ac8f46d02aaa3df [No types assigned]

kernel.org https://git.kernel.org/stable/c/3ff3bdde950f1840df4030726cef156758a244d7 [No types assigned]

kernel.org https://git.kernel.org/stable/c/526a877c6273d4cd0d0aede84c1d620479764b1c [No types assigned]

kernel.org https://git.kernel.org/stable/c/c93637e6a4c4e1d0e85ef7efac78d066bbb24d96 [No types assigned]