CVE-2024-50196

CVE Details

Release Date:

2024-11-08

Description

In the Linux kernel, the following vulnerability has been resolved:\npinctrl: ocelot: fix system hang on level based interrupts\nThe current implementation only calls chained_irq_enter() and\nchained_irq_exit() if it detects pending interrupts.\n```\nfor (i = 0; i < info->stride; i++) {\nuregmap_read(info->map, id_reg + 4 * i, ®);\nif (!reg)\ncontinue;\nchained_irq_enter(parent_chip, desc);\n```\nHowever, in case of GPIO pin configured in level mode and the parent\ncontroller configured in edge mode, GPIO interrupt might be lowered by the\nhardware. In the result, if the interrupt is short enough, the parent\ninterrupt is still pending while the GPIO interrupt is cleared;\nchained_irq_enter() never gets called and the system hangs trying to\nservice the parent interrupt.\nMoving chained_irq_enter() and chained_irq_exit() outside the for loop\nensures that they are called even when GPIO interrupt is lowered by the\nhardware.\nThe similar code with chained_irq_enter() / chained_irq_exit() functions\nwrapping interrupt checking loop may be found in many other drivers:\n```\ngrep -r -A 10 chained_irq_enter drivers/pinctrl\n```

See more information about CVE-2024-50196 from MITRE CVE dictionary and NIST NVD

NOTE: The following CVSS metrics and score provided are preliminary and subject to review.

CVSS v3 metrics

Base Score:	5.5
Vector String:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Version:	3.1
Attack Vector:	Local
Attack Complexity:	Low
Privileges Required:	Low
User Interaction:	None
Scope:	Unchanged
Confidentiality:	None
Integrity:	None
Availability:	High

Errata information

Platform	Errata	Release Date
Oracle Linux version 8 (kernel-uek)	ELSA-2024-12887	2024-12-18
Oracle Linux version 9 (kernel-uek)	ELSA-2024-12887	2024-12-18