CVE-2024-38597

CVSS v3.1 5.5 (Medium)

EPSS 0.04 % (5^th)

Affected Products 1

Advisories 17

NVD Status Analyzed

In the Linux kernel, the following vulnerability has been resolved:

eth: sungem: remove .ndo_poll_controller to avoid deadlocks

Erhard reports netpoll warnings from sungem:

netpoll_send_skb_on_dev(): eth0 enabled interrupts in poll (gem_start_xmit+0x0/0x398)
WARNING: CPU: 1 PID: 1 at net/core/netpoll.c:370 netpoll_send_skb+0x1fc/0x20c

gem_poll_controller() disables interrupts, which may sleep.
We can't sleep in netpoll, it has interrupts disabled completely.
Strangely, gem_poll_controller() doesn't even poll the completions,
and instead acts as if an interrupt has fired so it just schedules
NAPI and exits. None of this has been necessary for years, since
netpoll invokes NAPI directly.

Weaknesses

CWE-667: Improper Locking

CVE Status: PUBLISHED
NVD Status: Analyzed
CNA: kernel.org
Published Date: 2024-06-19 14:15:19
(2 months ago)
Updated Date: 2024-08-27 18:36:47
(2 weeks ago)

Affected Products

Linux

Linux Kernel

Configuration #1

	CPE23	From	Up To
Linux Kernel from 3.1 version and prior 5.10.219 version	cpe:2.3:o:linux:linux_kernel	>= 3.1	< 5.10.219
Linux Kernel from 5.11 version and prior 5.15.161 version	cpe:2.3:o:linux:linux_kernel	>= 5.11	< 5.15.161
Linux Kernel from 5.16 version and prior 6.1.93 version	cpe:2.3:o:linux:linux_kernel	>= 5.16	< 6.1.93
Linux Kernel from 6.2 version and prior 6.6.33 version	cpe:2.3:o:linux:linux_kernel	>= 6.2	< 6.6.33
Linux Kernel from 6.7 version and prior 6.8.12 version	cpe:2.3:o:linux:linux_kernel	>= 6.7	< 6.8.12
Linux Kernel from 6.9 version and prior 6.9.3 version	cpe:2.3:o:linux:linux_kernel	>= 6.9	< 6.9.3