Linux Kernel CPU Hotplug Removal Vulnerability in s390 Products
CVE-2024-57849
Summary
A vulnerability exists in the Linux kernel's handling of CPU hotplug operations on the s390 architecture. When a CPU is hot-plugged off, the associated performance monitoring unit (PMU) deallocates its sampling data buffers. However, if an event remains active on the removed CPU, the kernel's performance subsystem attempts to retrieve samples from buffers that may already have been freed. This can lead to a use-after-free, potentially exposing invalid data. To mitigate this, the kernel needs to check whether the CPU is still in a reserved state. If the PMU_F_RESERVED bit is set, the buffers are still valid; otherwise, they may be lost. Prompt application of the provided fixes is essential to ensure system integrity and performance.
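The flag check described above, shown as an added example that is not taken from the kernel source or the fix commits. It is a user-space C model: struct cpu_sampler, sampler_reserve, sampler_cpu_offline and sampler_stop are hypothetical names, and the value given to PMU_F_RESERVED is a placeholder.

```c
#include <stdio.h>
#include <stdlib.h>

/* Flag name is from the advisory; the value is a placeholder for this model. */
#define PMU_F_RESERVED 0x1u

/* Hypothetical per-CPU sampling state (user-space model, not kernel code). */
struct cpu_sampler {
    unsigned int flags;  /* PMU_F_RESERVED set while the buffer is owned */
    int *sdb;            /* sampling data buffer */
    size_t nsamples;     /* samples still waiting in the buffer */
};

/* Event setup: allocate the buffer, fill it, mark the CPU reserved. */
static int sampler_reserve(struct cpu_sampler *s, size_t n) {
    s->sdb = calloc(n, sizeof(*s->sdb));
    if (!s->sdb)
        return -1;
    for (size_t i = 0; i < n; i++)
        s->sdb[i] = (int)(i + 1);        /* constructed sample values */
    s->nsamples = n;
    s->flags |= PMU_F_RESERVED;
    return 0;
}

/* CPU hotplug-off: free the buffer and clear the reserved bit. */
static void sampler_cpu_offline(struct cpu_sampler *s) {
    free(s->sdb);
    s->sdb = NULL;
    s->nsamples = 0;
    s->flags &= ~PMU_F_RESERVED;
}

/* Event stop: returns the sum of drained samples, or -1 if the buffer is gone. */
static long sampler_stop(const struct cpu_sampler *s) {
    long sum = 0;
    if (!(s->flags & PMU_F_RESERVED))
        return -1;                       /* freed on hot-unplug: do not read */
    for (size_t i = 0; i < s->nsamples; i++)
        sum += s->sdb[i];
    return sum;
}

int main(void) {
    struct cpu_sampler s = {0};
    if (sampler_reserve(&s, 4)) return 1;
    printf("stop while reserved: %ld\n", sampler_stop(&s));
    sampler_cpu_offline(&s);
    printf("stop after hot-unplug: %ld\n", sampler_stop(&s));
    return 0;
}
```

Without the flag test in sampler_stop, the second call would read through a pointer whose memory was released during hot-unplug, which is the use-after-free the summary describes.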
Affected Version(s)
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 238e3af849dfdcb1faed544349f7025e533f9aab
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 99192c735ed4bfdff0d215ec85c8a87a677cb898
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 06a92f810df8037ca36157282ddcbefdcaf049b8