In the Linux kernel, the following vulnerability has been resolved:
sched: fix warning in sched_setaffinity
Commit 8f9ea86fdf99b added some logic to sched_setaffinity that included a WARN when a per-task affinity assignment races with a cpuset update.
Specifically, we can have a race where a cpuset update results in the task affinity no longer being a subset of the cpuset. That's fine; we have a fallback to instead use the cpuset mask. However, we have a WARN set up that will trigger if the cpuset mask has no overlap at all with the requested task affinity. This shouldn't be a warning condition; its trivial to create this condition.
Reproduced the warning by the following setup:
{ "vanir_signatures": [ { "id": "CVE-2024-41932-228b96f5", "signature_type": "Line", "target": { "file": "kernel/sched/syscalls.c" }, "signature_version": "v1", "digest": { "line_hashes": [ "269438371726585458466566613200989804691", "211427408253213295809454049196111052369", "251650129611946545747980028772462138986", "143657221160584313264887303943947552185" ], "threshold": 0.9 }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@70ee7947a29029736a1a06c73a48ff37674a851b" }, { "id": "CVE-2024-41932-5c98f8f8", "signature_type": "Function", "target": { "file": "kernel/sched/syscalls.c", "function": "__sched_setaffinity" }, "signature_version": "v1", "digest": { "length": 904.0, "function_hash": "112208079082531714983477888314016571832" }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5c3fb75f538cfcb886f6dfeb497d99fc2f263ee6" }, { "id": "CVE-2024-41932-73d8c54b", "signature_type": "Line", "target": { "file": "kernel/sched/syscalls.c" }, "signature_version": "v1", "digest": { "line_hashes": [ "269438371726585458466566613200989804691", "211427408253213295809454049196111052369", "251650129611946545747980028772462138986", "143657221160584313264887303943947552185" ], "threshold": 0.9 }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5c3fb75f538cfcb886f6dfeb497d99fc2f263ee6" }, { "id": "CVE-2024-41932-a589a858", "signature_type": "Function", "target": { "file": "kernel/sched/syscalls.c", "function": "__sched_setaffinity" }, "signature_version": "v1", "digest": { "length": 904.0, "function_hash": "112208079082531714983477888314016571832" }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@70ee7947a29029736a1a06c73a48ff37674a851b" } ] }