CVE-2024-43872

  1. Yack CVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-43872

5.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

I

n the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix soft lockup under heavy CEQE load CEQEs are handled in interrupt handler currently. This may cause the CPU core staying in interrupt context too long and lead to soft lockup under heavy load. Handle CEQEs in BH workqueue and set an upper limit for the number of CEQE handled by a single call of work handler.

References
Link Resource
https://git.kernel.org/stable/c/06580b33c183c9f98e2a2ca96a86137179032c08 Patch
https://git.kernel.org/stable/c/2fdf34038369c0a27811e7b4680662a14ada1d6b Patch
Configurations

Configuration 1 (hide)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
History

03 Sep 2024, 13:38

Type Values Removed Values Added
First Time Linux linux Kernel
Linux
References () https://git.kernel.org/stable/c/06580b33c183c9f98e2a2ca96a86137179032c08 - () https://git.kernel.org/stable/c/06580b33c183c9f98e2a2ca96a86137179032c08 - Patch
References () https://git.kernel.org/stable/c/2fdf34038369c0a27811e7b4680662a14ada1d6b - () https://git.kernel.org/stable/c/2fdf34038369c0a27811e7b4680662a14ada1d6b - Patch
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 5.5
Summary
  • (es) En el kernel de Linux, se resolvió la siguiente vulnerabilidad: RDMA/hns: corrige el bloqueo suave bajo carga pesada de CEQE. Actualmente, los CEQE se manejan en el controlador de interrupciones. Esto puede hacer que el núcleo de la CPU permanezca en el contexto de interrupción durante demasiado tiempo y provocar un bloqueo suave bajo una carga pesada. Maneje CEQE en la cola de trabajo de BH y establezca un límite superior para la cantidad de CEQE manejados por una sola llamada de controlador de trabajo.
CWE CWE-667
CPE cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

21 Aug 2024, 01:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-08-21 01:15

Updated : 2024-09-03 13:38

NVD link : CVE-2024-43872

Mitre link : CVE-2024-43872

CVE.ORG link : CVE-2024-43872

JSON object : View

Products Affected

linux

CWE
CWE-667

Improper Locking