CVE-2024-42140

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-42140

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-42140.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-42140

Downstream

BELL-CVE-2024-42140

DEBIAN-CVE-2024-42140

DLA-4008-1

OESA-2024-2076

UBUNTU-CVE-2024-42140

USN-7007-1

USN-7007-2

USN-7007-3

USN-7009-1

USN-7009-2

USN-7019-1

USN-7089-1

USN-7089-2

USN-7089-3

USN-7089-4

USN-7089-5

USN-7089-6

USN-7089-7

USN-7090-1

USN-7095-1

USN-7156-1

Related

Published

2024-07-30T08:15:05Z

Modified

2025-08-09T19:01:27Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

riscv: kexec: Avoid deadlock in kexec crash path

If the kexec crash code is called in the interrupt context, the machinekexecmaskinterrupts() function will trigger a deadlock while trying to acquire the irqdesc spinlock and then deactivate irqchip in irqsetirqchipstate() function.

Unlike arm64, riscv only requires irqeoi handler to complete EOI and keeping irqsetirqchipstate() will only leave this possible deadlock without any use. So we simply remove it.

References

Affected packages