CVE-2024-38553

CVSS v3.1 5.5 (Medium)

EPSS 0.04 % (5^th)

Affected Products 1

Advisories 14

NVD Status Analyzed

In the Linux kernel, the following vulnerability has been resolved:

net: fec: remove .ndo_poll_controller to avoid deadlocks

There is a deadlock issue found in sungem driver, please refer to the
commit ac0a230f719b ("eth: sungem: remove .ndo_poll_controller to avoid
deadlocks"). The root cause of the issue is that netpoll is in atomic
context and disable_irq() is called by .ndo_poll_controller interface
of sungem driver, however, disable_irq() might sleep. After analyzing
the implementation of fec_poll_controller(), the fec driver should have
the same issue. Due to the fec driver uses NAPI for TX completions, the
.ndo_poll_controller is unnecessary to be implemented in the fec driver,
so fec_poll_controller() can be safely removed.

Weaknesses

CWE-667: Improper Locking

CVE Status: PUBLISHED
NVD Status: Analyzed
CNA: kernel.org
Published Date: 2024-06-19 14:15:15
(2 months ago)
Updated Date: 2024-08-27 19:45:18
(2 weeks ago)

Affected Products

Linux

Linux Kernel

Configuration #1

	CPE23	From	Up To
Linux Kernel from 3.2 version and prior 6.6.33 version	cpe:2.3:o:linux:linux_kernel	>= 3.2	< 6.6.33
Linux Kernel from 6.7 version and prior 6.8.12 version	cpe:2.3:o:linux:linux_kernel	>= 6.7	< 6.8.12
Linux Kernel from 6.9 version and prior 6.9.3 version	cpe:2.3:o:linux:linux_kernel	>= 6.9	< 6.9.3