Stay Connected:

CVE-2024-47143

CVE Details

Release Date:2025-01-11
Impact:Low What is this?

Description


In the Linux kernel, the following vulnerability has been resolved: dma-debug: fix a possible deadlock on radix_lock radix_lock() shouldn't be held while holding dma_hash_entry[idx].lock otherwise, there's a possible deadlock scenario when dma debug API is called holding rq_lock(): CPU0 CPU1 CPU2 dma_free_attrs() check_unmap() add_dma_entry() __schedule() //out (A) rq_lock() get_hash_bucket() (A) dma_entry_hash check_sync() (A) radix_lock() (W) dma_entry_hash dma_entry_free() (W) radix_lock() // CPU2's one (W) rq_lock() CPU1 situation can happen when it extending radix tree and it tries to wake up kswapd via wake_all_kswapd(). CPU2 situation can happen while perf_event_task_sched_out() (i.e. dma sync operation is called while deleting perf_event using etm and etr tmc which are Arm Coresight hwtracing driver backends). To remove this possible situation, call dma_entry_free() after put_hash_bucket() in check_unmap().

See more information about CVE-2024-47143 from MITRE CVE dictionary and NIST NVD


NOTE: The following CVSS metrics and score provided are preliminary and subject to review.


CVSS v3 metrics

Base Score: 4.4
Vector String: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Version: 3.1
Attack Vector: Local
Attack Complexity: Low
Privileges Required: High
User Interaction: None
Scope: Unchanged
Confidentiality Impact: None
Integrity Impact: None
Availability Impact: High

Errata information


PlatformErrataRelease Date
Oracle Linux version 10 (kernel-uek) ELSA-2025-204802025-07-17
Oracle Linux version 9 (kernel-uek) ELSA-2025-204802025-07-17


This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections:

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights