CVE-2024-38780

Published: Jun 21, 2024Modified: May 12, 2026

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: dma-buf/sw-sync: don't enable IRQ from sync_print_obj() Since commit a6aa8fca4d79 ("dma-buf/sw-sync: Reduce irqsave/irqrestore from known context") by error replaced spin_unlock_irqrestore() with spin_unlock_irq() for both sync_debugfs_show() and sync_print_obj() despite sync_print_obj() is called from sync_debugfs_show(), lockdep complains inconsistent lock state warning. Use plain spin_{lock,unlock}() for sync_print_obj(), for sync_debugfs_show() is already using spin_{lock,unlock}_irq().

Affected (9)

Products: Linux: Linux Kernel

1 product

Configuration A

9 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	Before 4.14
Linux Linux Kernel	From 4.19 to 4.19.316
Linux Linux Kernel	From 5.10 to 5.10.219
Linux Linux Kernel	From 5.15 to 5.15.161
Linux Linux Kernel	From 5.4 to 5.4.278
Linux Linux Kernel	From 6.1 to 6.1.93
Linux Linux Kernel	From 6.6 to 6.6.33
Linux Linux Kernel	From 6.9 to 6.9.4
Linux Linux Kernel	Version 6.10.0 rc1

Related CWEs

Improper Locking

The product does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors.

References (20)

https://git.kernel.org/stable/c/165b25e3ee9333f7b04f8db43895beacb51582ed

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Mailing ListPatch

https://git.kernel.org/stable/c/1ff116f68560a25656933d5a18e7619cb6773d8a

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Mailing ListPatch

https://git.kernel.org/stable/c/242b30466879e6defa521573c27e12018276c33a

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Mailing ListPatch

https://git.kernel.org/stable/c/8a283cdfc8beeb14024387a925247b563d614e1e

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Mailing ListPatch

https://git.kernel.org/stable/c/9d75fab2c14a25553a1664586ed122c316bd1878

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Mailing ListPatch

https://git.kernel.org/stable/c/a4ee78244445ab73af22bfc5a5fc543963b25aef

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Mailing ListPatch

https://git.kernel.org/stable/c/ae6fc4e6a3322f6d1c8ff59150d8469487a73dd8

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Mailing ListPatch

https://git.kernel.org/stable/c/b794918961516f667b0c745aebdfebbb8a98df39

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Mailing ListPatch

https://git.kernel.org/stable/c/165b25e3ee9333f7b04f8db43895beacb51582ed

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListPatch

https://git.kernel.org/stable/c/1ff116f68560a25656933d5a18e7619cb6773d8a

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListPatch

https://git.kernel.org/stable/c/242b30466879e6defa521573c27e12018276c33a

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListPatch

https://git.kernel.org/stable/c/8a283cdfc8beeb14024387a925247b563d614e1e

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListPatch

https://git.kernel.org/stable/c/9d75fab2c14a25553a1664586ed122c316bd1878

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListPatch

https://git.kernel.org/stable/c/a4ee78244445ab73af22bfc5a5fc543963b25aef

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListPatch

https://git.kernel.org/stable/c/ae6fc4e6a3322f6d1c8ff59150d8469487a73dd8

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListPatch

https://git.kernel.org/stable/c/b794918961516f667b0c745aebdfebbb8a98df39

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListPatch

https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

Source: af854a3a-2127-422b-91ae-364da2661108

https://cert-portal.siemens.com/productcert/html/ssa-265688.html

Source: 0b142b55-0307-4c5a-b3c9-f314f3fb7c5e

https://cert-portal.siemens.com/productcert/html/ssa-398330.html

Source: 0b142b55-0307-4c5a-b3c9-f314f3fb7c5e

https://cert-portal.siemens.com/productcert/html/ssa-613116.html

Source: 0b142b55-0307-4c5a-b3c9-f314f3fb7c5e

Timeline

No history available yet.