CVE-2024-26709

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-26709
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-26709.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-26709
Related
Published
2024-04-03T15:15:53Z
Modified
2024-09-18T03:26:01.957826Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

powerpc/iommu: Fix the missing iommugroupput() during platform domain attach

The function spaprtceplatformiommuattachdev() is missing to call iommugroupput() when the domain is already set. This refcount leak shows up with BUGON() during DLPAR remove operation as:

KernelBug: Kernel bug in state 'None': kernel BUG at arch/powerpc/platforms/pseries/iommu.c:100! Oops: Exception in kernel mode, sig: 5 [#1] LE PAGESIZE=64K MMU=Radix SMP NRCPUS=8192 NUMA pSeries <snip> Hardware name: IBM,9080-HEX POWER10 (raw) 0x800200 0xf000006 of:IBM,FW1060.00 (NH1060016) hv:phyp pSeries NIP: c0000000000ff4d4 LR: c0000000000ff4cc CTR: 0000000000000000 REGS: c0000013aed5f840 TRAP: 0700 Tainted: G I (6.8.0-rc3-autotest-g99bd3cb0d12e) MSR: 8000000000029033 <SF,EE,ME,IR,DR,RI,LE> CR: 44002402 XER: 20040000 CFAR: c000000000a0d170 IRQMASK: 0 ... NIP iommureconfignotifier+0x94/0x200 LR iommureconfignotifier+0x8c/0x200 Call Trace: iommureconfignotifier+0x8c/0x200 (unreliable) notifiercallchain+0xb8/0x19c blockingnotifiercallchain+0x64/0x98 ofreconfignotify+0x44/0xdc ofdetachnode+0x78/0xb0 ofdtwrite.part.0+0x86c/0xbb8 procregwrite+0xf4/0x150 vfswrite+0xf8/0x488 ksyswrite+0x84/0x140 systemcallexception+0x138/0x330 systemcallvectoredcommon+0x15c/0x2ec

The patch adds the missing iommugroupput() call.

References

Affected packages

Debian:13 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.7.7-1

Affected versions

6.*

6.1.27-1
6.1.37-1
6.1.38-1
6.1.38-2~bpo11+1
6.1.38-2
6.1.38-3
6.1.38-4~bpo11+1
6.1.38-4
6.1.52-1
6.1.55-1~bpo11+1
6.1.55-1
6.1.64-1
6.1.66-1
6.1.67-1
6.1.69-1~bpo11+1
6.1.69-1
6.1.76-1~bpo11+1
6.1.76-1
6.1.82-1
6.1.85-1
6.1.90-1~bpo11+1
6.1.90-1
6.1.94-1~bpo11+1
6.1.94-1
6.1.98-1
6.1.99-1
6.1.106-1
6.1.106-2
6.1.106-3
6.3.1-1~exp1
6.3.2-1~exp1
6.3.4-1~exp1
6.3.5-1~exp1
6.3.7-1~bpo12+1
6.3.7-1
6.3.11-1
6.4~rc6-1~exp1
6.4~rc7-1~exp1
6.4.1-1~exp1
6.4.4-1~bpo12+1
6.4.4-1
6.4.4-2
6.4.4-3~bpo12+1
6.4.4-3
6.4.11-1
6.4.13-1
6.5~rc4-1~exp1
6.5~rc6-1~exp1
6.5~rc7-1~exp1
6.5.1-1~exp1
6.5.3-1~bpo12+1
6.5.3-1
6.5.6-1
6.5.8-1
6.5.10-1~bpo12+1
6.5.10-1
6.5.13-1
6.6.3-1~exp1
6.6.4-1~exp1
6.6.7-1~exp1
6.6.8-1
6.6.9-1
6.6.11-1
6.6.13-1~bpo12+1
6.6.13-1
6.6.15-1
6.6.15-2
6.7-1~exp1
6.7.1-1~exp1
6.7.4-1~exp1

Ecosystem specific

{
    "urgency": "not yet assigned"
}