CVE: CVE-2024-50032

Descrizione: In the Linux kernel, the following vulnerability has been resolved: rcu/nocb: Fix rcuog wake-up from offline softirq After a CPU has set itself offline and before it eventually calls rcutree_report_cpu_dead(), there are still opportunities for callbacks to be enqueued, for example from a softirq. When that happens on NOCB, the rcuog wake-up is deferred through an IPI to an online CPU in order not to call into the scheduler and risk arming the RT-bandwidth after hrtimers have been migrated out and disabled. But performing a synchronized IPI from a softirq is buggy as reported in the following scenario: WARNING: CPU: 1 PID: 26 at kernel/smp.c:633 smp_call_function_single Modules linked in: rcutorture torture CPU: 1 UID: 0 PID: 26 Comm: migration/1 Not tainted 6.11.0-rc1-00012-g9139f93209d1 #1 Stopper: multi_cpu_stop+0x0/0x320 <- __stop_cpus+0xd0/0x120 RIP: 0010:smp_call_function_single swake_up_one_online __call_rcu_nocb_wake __call_rcu_common ? rcu_torture_one_read call_timer_fn __run_timers run_timer_softirq handle_softirqs irq_exit_rcu ? tick_handle_periodic sysvec_apic_timer_interrupt Fix this with forcing deferred rcuog wake up through the NOCB timer when the CPU is offline. The actual wake up will happen from rcutree_report_cpu_dead().

Vettore di attacco

Riferimenti esterni

• https://git.kernel.org/stable/c/84a5feebba10354c683983f5f1372a144225e4c2
• https://git.kernel.org/stable/c/e66b1e01f2eb3209d08122572f41f7838b79540d
• https://git.kernel.org/stable/c/f7345ccc62a4b880cf76458db5f320725f28e400

Prodotti interessati

• Linux – Linux
• Linux – Linux

Relazioni con altri prodotti

Produttore:Linux
Prodotto: Linux
Anno: 2024
CWE:
CVSS: 0.0