CVE-2024-38597

Updated: 2024-11-30 04:13:38.937551

Description:

In the Linux kernel, the following vulnerability has been resolved: eth: sungem: remove .ndo_poll_controller to avoid deadlocks Erhard reports netpoll warnings from sungem: netpoll_send_skb_on_dev(): eth0 enabled interrupts in poll (gem_start_xmit+0x0/0x398) WARNING: CPU: 1 PID: 1 at net/core/netpoll.c:370 netpoll_send_skb+0x1fc/0x20c gem_poll_controller() disables interrupts, which may sleep. We can't sleep in netpoll, it has interrupts disabled completely. Strangely, gem_poll_controller() doesn't even poll the completions, and instead acts as if an interrupt has fired so it just schedules NAPI and exits. None of this has been necessary for years, since netpoll invokes NAPI directly.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0
CVSS Version 3.x MEDIUM 5.5

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement

AlmaLinux 9.2 ESU kernel 5.14.0 5.5 MEDIUM Ignored 2024-09-16 12:22:49
AlmaLinux 9.2 FIPS kernel 5.14.0 5.5 MEDIUM Ignored 2024-09-16 12:22:49
CentOS 7 ELS kernel 3.10.0 5.5 MEDIUM Ignored 2024-09-16 12:22:49
CentOS 8.4 ELS kernel 4.18.0 5.5 MEDIUM Ignored 2024-09-16 12:22:49
CentOS 8.5 ELS kernel 4.18.0 5.5 MEDIUM Ignored 2024-09-16 12:22:49
CentOS Stream 8 ELS kernel 4.18.0 5.5 MEDIUM Ignored 2024-09-16 12:22:49
CloudLinux 7 ELS kernel 3.10.0 5.5 MEDIUM Ignored 2024-09-16 12:22:49
Oracle Linux 7 ELS kernel 3.10.0 5.5 MEDIUM Ignored 2024-12-03 12:09:26
Ubuntu 16.04 ELS linux 4.4.0 5.5 MEDIUM Ignored 2024-09-16 12:24:21
Ubuntu 16.04 ELS linux-hwe 4.15.0 5.5 MEDIUM Ignored 2024-09-16 12:24:37
Total: 11