Vulnerability Details : CVE-2024-38780
In the Linux kernel, the following vulnerability has been resolved:
dma-buf/sw-sync: don't enable IRQ from sync_print_obj()
Since commit a6aa8fca4d79 ("dma-buf/sw-sync: Reduce irqsave/irqrestore from
known context") by error replaced spin_unlock_irqrestore() with
spin_unlock_irq() for both sync_debugfs_show() and sync_print_obj() despite
sync_print_obj() is called from sync_debugfs_show(), lockdep complains
inconsistent lock state warning.
Use plain spin_{lock,unlock}() for sync_print_obj(), for
sync_debugfs_show() is already using spin_{lock,unlock}_irq().
Products affected by CVE-2024-38780
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:6.10.0:rc1:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2024-38780
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 13 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2024-38780
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
5.5
|
MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
1.8
|
3.6
|
NIST | 2024-06-24 |
|
5.5
|
MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
N/A
|
N/A
|
RedHat-CVE-2024-38780 | 2024-06-21 |
CWE ids for CVE-2024-38780
-
The product does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors.Assigned by: nvd@nist.gov (Primary)
References for CVE-2024-38780
-
https://git.kernel.org/stable/c/9d75fab2c14a25553a1664586ed122c316bd1878
dma-buf/sw-sync: don't enable IRQ from sync_print_obj() - kernel/git/stable/linux.git - Linux kernel stable treeMailing List;Patch
-
https://git.kernel.org/stable/c/165b25e3ee9333f7b04f8db43895beacb51582ed
dma-buf/sw-sync: don't enable IRQ from sync_print_obj() - kernel/git/stable/linux.git - Linux kernel stable treeMailing List;Patch
-
https://git.kernel.org/stable/c/b794918961516f667b0c745aebdfebbb8a98df39
dma-buf/sw-sync: don't enable IRQ from sync_print_obj() - kernel/git/stable/linux.git - Linux kernel stable treeMailing List;Patch
-
https://git.kernel.org/stable/c/242b30466879e6defa521573c27e12018276c33a
dma-buf/sw-sync: don't enable IRQ from sync_print_obj() - kernel/git/stable/linux.git - Linux kernel stable treeMailing List;Patch
-
https://git.kernel.org/stable/c/ae6fc4e6a3322f6d1c8ff59150d8469487a73dd8
dma-buf/sw-sync: don't enable IRQ from sync_print_obj() - kernel/git/stable/linux.git - Linux kernel stable treeMailing List;Patch
-
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
[SECURITY] [DLA 3840-1] linux security update
-
https://git.kernel.org/stable/c/1ff116f68560a25656933d5a18e7619cb6773d8a
dma-buf/sw-sync: don't enable IRQ from sync_print_obj() - kernel/git/stable/linux.git - Linux kernel stable treeMailing List;Patch
-
https://git.kernel.org/stable/c/8a283cdfc8beeb14024387a925247b563d614e1e
dma-buf/sw-sync: don't enable IRQ from sync_print_obj() - kernel/git/stable/linux.git - Linux kernel stable treeMailing List;Patch
-
https://git.kernel.org/stable/c/a4ee78244445ab73af22bfc5a5fc543963b25aef
dma-buf/sw-sync: don't enable IRQ from sync_print_obj() - kernel/git/stable/linux.git - Linux kernel stable treeMailing List;Patch
Jump to