DEBIAN-CVE-2024-58090

See a problem?
Please try reporting it to the source first.

Source

https://security-tracker.debian.org/tracker/CVE-2024-58090

Import Source

https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2024-58090.json

JSON Data

https://api.osv.dev/v1/vulns/DEBIAN-CVE-2024-58090

Upstream

CVE-2024-58090

Published

2025-03-27T15:15:54Z

Modified

2025-09-25T04:26:02.156225Z

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved: sched/core: Prevent rescheduling when interrupts are disabled David reported a warning observed while loop testing kexec jump: Interrupts enabled after irqrouterresume+0x0/0x50 WARNING: CPU: 0 PID: 560 at drivers/base/syscore.c:103 syscoreresume+0x18a/0x220 kernelkexec+0xf6/0x180 _dosysreboot+0x206/0x250 dosyscall64+0x95/0x180 The corresponding interrupt flag trace: hardirqs last enabled at (15573): [<ffffffffa8281b8e>] _upconsolesem+0x7e/0x90 hardirqs last disabled at (15580): [<ffffffffa8281b73>] _upconsolesem+0x63/0x90 That means _upconsolesem() was invoked with interrupts enabled. Further instrumentation revealed that in the interrupt disabled section of kexec jump one of the syscoresuspend() callbacks woke up a task, which set the NEEDRESCHED flag. A later callback in the resume path invoked condresched() which in turn led to the invocation of the scheduler: _condresched+0x21/0x60 downtimeout+0x18/0x60 acpioswaitsemaphore+0x4c/0x80 acpiutacquiremutex+0x3d/0x100 acpinsgetnode+0x27/0x60 acpinsevaluate+0x1cb/0x2d0 acpirssetsrsmethoddata+0x156/0x190 acpipcilinkset+0x11c/0x290 irqrouterresume+0x54/0x60 syscoreresume+0x6a/0x200 kernelkexec+0x145/0x1c0 _dosysreboot+0xeb/0x240 dosyscall64+0x95/0x180 This is a long standing problem, which probably got more visible with the recent printk changes. Something does a task wakeup and the scheduler sets the NEEDRESCHED flag. condresched() sees it set and invokes schedule() from a completely bogus context. The scheduler enables interrupts after context switching, which causes the above warning at the end. Quite some of the code paths in syscoresuspend()/resume() can result in triggering a wakeup with the exactly same consequences. They might not have done so yet, but as they share a lot of code with normal operations it's just a question of time. The problem only affects the PREEMPTNONE and PREEMPTVOLUNTARY scheduling models. Full preemption is not affected as condresched() is disabled and the preemption check preemptible() takes the interrupt disabled flag into account. Cure the problem by adding a corresponding check into cond_resched().

References

https://security-tracker.debian.org/tracker/CVE-2024-58090

Affected packages

Debian:11 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.10.237-1

Affected versions

5.*

5.10.46-4

5.10.46-5

5.10.70-1~bpo10+1

5.10.70-1

5.10.84-1

5.10.92-1~bpo10+1

5.10.92-1

5.10.92-2

5.10.103-1~bpo10+1

5.10.103-1

5.10.106-1

5.10.113-1

5.10.120-1~bpo10+1

5.10.120-1

5.10.127-1

5.10.127-2~bpo10+1

5.10.127-2

5.10.136-1

5.10.140-1

5.10.148-1

5.10.149-1

5.10.149-2

5.10.158-1

5.10.158-2

5.10.162-1

5.10.178-1

5.10.178-2

5.10.178-3

5.10.179-1

5.10.179-2

5.10.179-3

5.10.179-4

5.10.179-5

5.10.191-1

5.10.197-1

5.10.205-1

5.10.205-2

5.10.209-1

5.10.209-2

5.10.216-1

5.10.218-1

5.10.221-1

5.10.223-1

5.10.226-1

5.10.234-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.1.133-1

Affected versions

6.*

6.1.27-1

6.1.37-1

6.1.38-1

6.1.38-2~bpo11+1

6.1.38-2

6.1.38-3

6.1.38-4~bpo11+1

6.1.38-4

6.1.52-1

6.1.55-1~bpo11+1

6.1.55-1

6.1.64-1

6.1.66-1

6.1.67-1

6.1.69-1~bpo11+1

6.1.69-1

6.1.76-1~bpo11+1

6.1.76-1

6.1.82-1

6.1.85-1

6.1.90-1~bpo11+1

6.1.90-1

6.1.94-1~bpo11+1

6.1.94-1

6.1.98-1

6.1.99-1

6.1.106-1

6.1.106-2

6.1.106-3

6.1.112-1

6.1.115-1

6.1.119-1

6.1.123-1

6.1.124-1

6.1.128-1

6.1.129-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.12.19-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:14 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.12.19-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:11 / linux-6.1

Package

Name: linux-6.1
Purl: pkg:deb/debian/linux-6.1?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.1.137-1~deb11u1

Affected versions

6.*

6.1.106-3~deb11u1

6.1.106-3~deb11u2

6.1.106-3~deb11u3

6.1.112-1~deb11u1

6.1.119-1~deb11u1

6.1.128-1~deb11u1

6.1.129-1~deb11u1

Ecosystem specific

{
    "urgency": "not yet assigned"
}