CVE-2024-47735

CVE Details

Release Date:

2024-10-21

Description

In the Linux kernel, the following vulnerability has been resolved:\nRDMA/hns: Fix spin_unlock_irqrestore() called with IRQs enabled\nFix missuse of spin_lock_irq()/spin_unlock_irq() when\nspin_lock_irqsave()/spin_lock_irqrestore() was hold.\nThis was discovered through the lock debugging, and the corresponding\nlog is as follows:\nraw_local_irq_restore() called with IRQs enabled\nWARNING: CPU: 96 PID: 2074 at kernel/locking/irqflag-debug.c:10 warn_bogus_irq_restore+0x30/0x40\n...\nCall trace:\nwarn_bogus_irq_restore+0x30/0x40\n_raw_spin_unlock_irqrestore+0x84/0xc8\nadd_qp_to_list+0x11c/0x148 [hns_roce_hw_v2]\nhns_roce_create_qp_common.constprop.0+0x240/0x780 [hns_roce_hw_v2]\nhns_roce_create_qp+0x98/0x160 [hns_roce_hw_v2]\ncreate_qp+0x138/0x258\nib_create_qp_kernel+0x50/0xe8\ncreate_mad_qp+0xa8/0x128\nib_mad_port_open+0x218/0x448\nib_mad_init_device+0x70/0x1f8\nadd_client_context+0xfc/0x220\nenable_device_and_get+0xd0/0x140\nib_register_device.part.0+0xf4/0x1c8\nib_register_device+0x34/0x50\nhns_roce_register_device+0x174/0x3d0 [hns_roce_hw_v2]\nhns_roce_init+0xfc/0x2c0 [hns_roce_hw_v2]\n__hns_roce_hw_v2_init_instance+0x7c/0x1d0 [hns_roce_hw_v2]\nhns_roce_hw_v2_init_instance+0x9c/0x180 [hns_roce_hw_v2]

See more information about CVE-2024-47735 from MITRE CVE dictionary and NIST NVD

NOTE: The following CVSS metrics and score provided are preliminary and subject to review.

CVSS v3 metrics

Base Score:	5.5
Vector String:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Version:	3.1
Attack Vector:	Local
Attack Complexity:	Low
Privileges Required:	Low
User Interaction:	None
Scope:	Unchanged
Confidentiality:	None
Integrity:	None
Availability:	High

Errata information

Platform	Errata	Release Date
Oracle Linux version 8 (kernel-uek)	ELSA-2024-12887	2024-12-18
Oracle Linux version 9 (kernel-uek)	ELSA-2024-12887	2024-12-18