logo_clicknbuy.png

CVE-2024-57949 – Linux kernel GIC-v3-its Infinite Recursion Vulnerability

The following table lists the changes that have been made to the
CVE-2024-57949 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution
of a vulnerability, and for identifying the most recent changes that may
impact the vulnerability’s severity, exploitability, or other characteristics.

  • New CVE Received
    by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Feb. 09, 2025

    Action Type Old Value New Value
    Added Description In the Linux kernel, the following vulnerability has been resolved:

    irqchip/gic-v3-its: Don’t enable interrupts in its_irq_set_vcpu_affinity()

    The following call-chain leads to enabling interrupts in a nested interrupt
    disabled section:

    irq_set_vcpu_affinity()
    irq_get_desc_lock()
    raw_spin_lock_irqsave() <— Disable interrupts
    its_irq_set_vcpu_affinity()
    guard(raw_spinlock_irq) <— Enables interrupts when leaving the guard()
    irq_put_desc_unlock() <— Warns because interrupts are enabled

    This was broken in commit b97e8a2f7130, which replaced the original
    raw_spin_[un]lock() pair with guard(raw_spinlock_irq).

    Fix the issue by using guard(raw_spinlock).

    [ tglx: Massaged change log ]
    Added Reference https://git.kernel.org/stable/c/35cb2c6ce7da545f3b5cb1e6473ad7c3a6f08310
    Added Reference https://git.kernel.org/stable/c/6c84ff2e788fce0099ee3e71a3ed258b1ca1a223
    Added Reference https://git.kernel.org/stable/c/93955a7788121ab5a0f7f27e988b2ed1135a4866
    Added Reference https://git.kernel.org/stable/c/d7b0e89610dd45ac6cf0d6f99bfa9ccc787db344
Share the Post:

Related Posts