CVE-2024-36887

This is a partial revert of commit 6dbdd4de0362 ("e1000e: Workaround for sporadic MDI error on Meteor Lake systems"). The referenced commit used usleep_range inside the PHY access routines, which are sometimes called from an atomic context. This can lead to a kernel panic in some scenarios, such as cable disconnection and reconnection on vPro systems.

Solve this by changing the usleep_range calls back to udelay.

Database specific

{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/36xxx/CVE-2024-36887.json"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

1d16cd91cd319d5bf6230c8493feb56a61e486a1

Fixed

f8a139656c95db893a543159873c57a470d7376d

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

0a4e3c2d976aa4dd38951afd6267f74ef3fade0e

Fixed

950d5226cd6bb83ba720961a8d4d5cf79e6afd57

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

6dbdd4de0362c37e54e8b049781402e5a409e7d0

Fixed

387f295cb2150ed164905b648d76dfcbd3621778

Affected versions

v6.*

v6.6.26

v6.6.27

v6.6.28

v6.6.29

v6.6.30

v6.8.5

v6.8.6

v6.8.7

v6.8.8

v6.8.9

v6.9-rc1

v6.9-rc2

v6.9-rc3

v6.9-rc4

v6.9-rc5

Database specific

vanir_signatures

[
    {
        "signature_type": "Function",
        "deprecated": false,
        "id": "CVE-2024-36887-1888350a",
        "target": {
            "file": "drivers/net/ethernet/intel/e1000e/phy.c",
            "function": "e1000e_read_phy_reg_mdic"
        },
        "digest": {
            "length": 1337.0,
            "function_hash": "179329691376497555983915751247139185741"
        },
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@950d5226cd6bb83ba720961a8d4d5cf79e6afd57"
    },
    {
        "signature_type": "Line",
        "deprecated": false,
        "id": "CVE-2024-36887-70e0b2cb",
        "target": {
            "file": "drivers/net/ethernet/intel/e1000e/phy.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "205353162967652609615328445313066592322",
                "132347830941713117022546897378176299554",
                "143891496013128196990643251847715929530",
                "334254514828101685066565458732975254979",
                "98067582473699597282202585187371659430",
                "257332417306815452998319862246673051002",
                "136716566186177492840097418471905298292",
                "336345649797996805770546718615356642905",
                "317685829250176458411927094858805275982",
                "132347830941713117022546897378176299554",
                "143891496013128196990643251847715929530",
                "334254514828101685066565458732975254979",
                "98067582473699597282202585187371659430",
                "172342997335991412324872352312989564126",
                "36350820911429358475802086124092100943",
                "312341674822039397533683793881015746865"
            ]
        },
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@950d5226cd6bb83ba720961a8d4d5cf79e6afd57"
    },
    {
        "signature_type": "Function",
        "deprecated": false,
        "id": "CVE-2024-36887-ec98d750",
        "target": {
            "file": "drivers/net/ethernet/intel/e1000e/phy.c",
            "function": "e1000e_write_phy_reg_mdic"
        },
        "digest": {
            "length": 1331.0,
            "function_hash": "187878950271589693146789684429706729373"
        },
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@950d5226cd6bb83ba720961a8d4d5cf79e6afd57"
    }
]

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-36887.json"