Linux Kernel Interrupt Management Vulnerability in GIC-v3 ITS
CVE-2024-57949

5.5MEDIUM

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 9 February 2025

Summary

A vulnerability in the Linux kernel's GIC-v3 ITS arises from improper interrupt management within the irq_set_vcpu_affinity function. Specifically, this issue occurs in a nested interrupt-disabled context, where interrupts can be inadvertently enabled due to the incorrect use of guard functions. The problem was introduced in a recent commit that changed the locking mechanism, leading to potential system instability and unexpected behaviors. It is essential for system administrators to apply the latest patches to mitigate this vulnerability and ensure the integrity and reliability of their systems.

Affected Version(s)

Linux 2458f2362f695584bd824c922caa07ffc4fe0d5c

Linux 5c0fb9cb404a2efbbc319ff9d1b877cf4e47e950 < 6c84ff2e788fce0099ee3e71a3ed258b1ca1a223

Linux b97e8a2f7130a4b30d1502003095833d16c028b3 < 93955a7788121ab5a0f7f27e988b2ed1135a4866

References

https://git.kernel.org/stable/c/d7b0e89610dd45ac6cf0d6f99...

https://git.kernel.org/stable/c/6c84ff2e788fce0099ee3e71a...

https://git.kernel.org/stable/c/93955a7788121ab5a0f7f27e9...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 9, 2025
Vulnerability Reserved
Jan 19, 2025