CVE-2024-35953

ivpudevice->contextxa is locked both in kernel thread and IRQ context. It requires XAFLAGSLOCK_IRQ flag to be passed during initialization otherwise the lock could be acquired from a thread and interrupted by an IRQ that locks it for the second time causing the deadlock.

This deadlock was reported by lockdep and observed in internal tests.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

35b137630f08d913fc2e33df33ccc2570dff3f7d

Fixed

d43e11d9c7fcb16f18bd46ab2556c2772ffc5775

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

35b137630f08d913fc2e33df33ccc2570dff3f7d

Fixed

e6011411147209bc0cc14628cbc155356837e52a

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

35b137630f08d913fc2e33df33ccc2570dff3f7d

Fixed

fd7726e75968b27fe98534ccbf47ccd6fef686f3

Affected versions

v6.*

v6.2

v6.2-rc3

v6.2-rc4

v6.2-rc5

v6.2-rc6

v6.2-rc7

v6.2-rc8

v6.3

v6.3-rc1

v6.3-rc2

v6.3-rc3

v6.3-rc4

v6.3-rc5

v6.3-rc6

v6.3-rc7

v6.4

v6.4-rc1

v6.4-rc2

v6.4-rc3

v6.4-rc4

v6.4-rc5

v6.4-rc6

v6.4-rc7

v6.5

v6.5-rc1

v6.5-rc2

v6.5-rc3

v6.5-rc4

v6.5-rc5

v6.5-rc6

v6.5-rc7

v6.6

v6.6-rc1

v6.6-rc2

v6.6-rc3

v6.6-rc4

v6.6-rc5

v6.6-rc6

v6.6-rc7

v6.6.1

v6.6.10

v6.6.11

v6.6.12

v6.6.13

v6.6.14

v6.6.15

v6.6.16

v6.6.17

v6.6.18

v6.6.19

v6.6.2

v6.6.20

v6.6.21

v6.6.22

v6.6.23

v6.6.24

v6.6.25

v6.6.26

v6.6.27

v6.6.3

v6.6.4

v6.6.5

v6.6.6

v6.6.7

v6.6.8

v6.6.9

v6.7

v6.7-rc1

v6.7-rc2

v6.7-rc3

v6.7-rc4

v6.7-rc5

v6.7-rc6

v6.7-rc7

v6.7-rc8

v6.8

v6.8-rc1

v6.8-rc2

v6.8-rc3

v6.8-rc4

v6.8-rc5

v6.8-rc6

v6.8-rc7

v6.8.1

v6.8.2

v6.8.3

v6.8.4

v6.8.5

v6.8.6

v6.9-rc1

Database specific

vanir_signatures

[
    {
        "signature_type": "Function",
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "length": 3311.0,
            "function_hash": "278115498553546966599640033008273530699"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d43e11d9c7fcb16f18bd46ab2556c2772ffc5775",
        "target": {
            "file": "drivers/accel/ivpu/ivpu_drv.c",
            "function": "ivpu_dev_init"
        },
        "id": "CVE-2024-35953-078bc33a"
    },
    {
        "signature_type": "Line",
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "185556346275788845608637161139558926263",
                "82634548840596446096063559266411289295",
                "240087758850967057950724337881127789827",
                "239471456485711902335510988220229332431"
            ],
            "threshold": 0.9
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e6011411147209bc0cc14628cbc155356837e52a",
        "target": {
            "file": "drivers/accel/ivpu/ivpu_drv.c"
        },
        "id": "CVE-2024-35953-425f0422"
    },
    {
        "signature_type": "Function",
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "length": 2612.0,
            "function_hash": "78455783109677877507693802171164122640"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e6011411147209bc0cc14628cbc155356837e52a",
        "target": {
            "file": "drivers/accel/ivpu/ivpu_drv.c",
            "function": "ivpu_dev_init"
        },
        "id": "CVE-2024-35953-7c4f48c8"
    },
    {
        "signature_type": "Function",
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "length": 2587.0,
            "function_hash": "82319013689130405748054983435550190554"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@fd7726e75968b27fe98534ccbf47ccd6fef686f3",
        "target": {
            "file": "drivers/accel/ivpu/ivpu_drv.c",
            "function": "ivpu_dev_init"
        },
        "id": "CVE-2024-35953-a532419c"
    },
    {
        "signature_type": "Line",
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "185556346275788845608637161139558926263",
                "82634548840596446096063559266411289295",
                "240087758850967057950724337881127789827",
                "61682763347224341145317931816819799194"
            ],
            "threshold": 0.9
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d43e11d9c7fcb16f18bd46ab2556c2772ffc5775",
        "target": {
            "file": "drivers/accel/ivpu/ivpu_drv.c"
        },
        "id": "CVE-2024-35953-a8def6c9"
    },
    {
        "signature_type": "Line",
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "185556346275788845608637161139558926263",
                "82634548840596446096063559266411289295",
                "318343099147434436602552414902461919018",
                "76436498331165237447678954331843445853"
            ],
            "threshold": 0.9
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@fd7726e75968b27fe98534ccbf47ccd6fef686f3",
        "target": {
            "file": "drivers/accel/ivpu/ivpu_drv.c"
        },
        "id": "CVE-2024-35953-e8b39811"
    }
]

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

6.3.0

Fixed

6.6.28

Type: ECOSYSTEM
Events: Introduced

6.7.0

Fixed

6.8.7