CVE-2024-50249
- ULN >
- Oracle Linux CVE repository >
- CVE-2024-50249
CVE Details
| Release Date: | 2024-11-09 |
Description
In the Linux kernel, the following vulnerability has been resolved:\nACPI: CPPC: Make rmw_lock a raw_spin_lock\nThe following BUG was triggered:\n=============================\n[ BUG: Invalid wait context ]\n6.12.0-rc2-XXX #406 Not tainted\n-----------------------------\nkworker/1:1/62 is trying to lock:\nffffff8801593030 (&cpc_ptr->rmw_lock){+.+.}-{3:3}, at: cpc_write+0xcc/0x370\nother info that might help us debug this:\ncontext-{5:5}\n2 locks held by kworker/1:1/62:\n#0: ffffff897ef5ec98 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2c/0x50\n#1: ffffff880154e238 (&sg_policy->update_lock){....}-{2:2}, at: sugov_update_shared+0x3c/0x280\nstack backtrace:\nCPU: 1 UID: 0 PID: 62 Comm: kworker/1:1 Not tainted 6.12.0-rc2-g9654bd3e8806 #406\nWorkqueue: 0x0 (events)\nCall trace:\ndump_backtrace+0xa4/0x130\nshow_stack+0x20/0x38\ndump_stack_lvl+0x90/0xd0\ndump_stack+0x18/0x28\n__lock_acquire+0x480/0x1ad8\nlock_acquire+0x114/0x310\n_raw_spin_lock+0x50/0x70\ncpc_write+0xcc/0x370\ncppc_set_perf+0xa0/0x3a8\ncppc_cpufreq_fast_switch+0x40/0xc0\ncpufreq_driver_fast_switch+0x4c/0x218\nsugov_update_shared+0x234/0x280\nupdate_load_avg+0x6ec/0x7b8\ndequeue_entities+0x108/0x830\ndequeue_task_fair+0x58/0x408\n__schedule+0x4f0/0x1070\nschedule+0x54/0x130\nworker_thread+0xc0/0x2e8\nkthread+0x130/0x148\nret_from_fork+0x10/0x20\nsugov_update_shared() locks a raw_spinlock while cpc_write() locks a\nspinlock.\nTo have a correct wait-type order, update rmw_lock to a raw spinlock and\nensure that interrupts will be disabled on the CPU holding it.\n[ rjw: Changelog edits ]
See more information about CVE-2024-50249 from MITRE CVE dictionary and NIST NVD
NOTE: The following CVSS metrics and score provided are preliminary and subject to review.
CVSS v3 metrics
| Base Score: | 5.5 |
| Vector String: | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
| Version: | 3.1 |
| Attack Vector: | Local |
| Attack Complexity: | Low |
| Privileges Required: | Low |
| User Interaction: | None |
| Scope: | Unchanged |
| Confidentiality: | None |
| Integrity: | None |
| Availability: | High |
Errata information
| Platform | Errata | Release Date |
| Oracle Linux version 8 (kernel-uek) | ELSA-2024-12887 | 2024-12-18 |
| Oracle Linux version 9 (kernel-uek) | ELSA-2024-12887 | 2024-12-18 |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections:
- Oracle customers - enter a support request
- Vulnerability scanning tools vendors and project maintainers - follow the standard ISV process
