Linux Kernel Vulnerability Related to NEXT_BUDDY Handling
CVE-2024-49573

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 11 January 2025

Summary

A vulnerability in the Linux kernel was identified that affects the scheduling of process entity handling due to an improper configuration of the NEXT_BUDDY algorithm. When enabled, this setting can lead to warnings triggered in the pick_next_entity() function, resulting from delayed dequeue bits affecting process scheduling. The issue has been addressed by repositioning the clear_buddies() function earlier to prevent any next buddy from becoming delayed and ensuring that no new next buddy can start in a delayed state.

Affected Version(s)

Linux 152e11f6df293e816a6a37c69757033cdc72667d < 5dbe6816c49197677a5ecce749bd99929da147da

Linux 152e11f6df293e816a6a37c69757033cdc72667d < 493afbd187c4c9cc1642792c0d9ba400c3d6d90d

Linux 6.12

References

https://git.kernel.org/stable/c/5dbe6816c49197677a5ecce74...

https://git.kernel.org/stable/c/493afbd187c4c9cc1642792c0...

Timeline

Vulnerability published
Jan 11, 2025
Vulnerability Reserved
Jan 11, 2025