CVE-2024-44957

Updated: 2024-09-14 04:54:25.010801

Description:

In the Linux kernel, the following vulnerability has been resolved: xen: privcmd: Switch from mutex to spinlock for irqfds irqfd_wakeup() gets EPOLLHUP, when it is called by eventfd_release() by way of wake_up_poll(&ctx->wqh, EPOLLHUP), which gets called under spin_lock_irqsave(). We can't use a mutex here as it will lead to a deadlock. Fix it by switching over to a spin lock.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0
CVSS Version 3.x MEDIUM 5.5

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement

AlmaLinux 9.2 ESU kernel 5.14.0 5.5 MEDIUM Ignored 2024-09-16 12:22:59
AlmaLinux 9.2 FIPS kernel 5.14.0 5.5 MEDIUM Ignored 2024-09-16 12:22:59
CentOS 6 ELS kernel 2.6.32 5.5 MEDIUM Ignored 2024-09-16 12:22:59
CentOS 7 ELS kernel 3.10.0 5.5 MEDIUM Ignored 2024-09-16 12:22:59
CentOS 8.4 ELS kernel 4.18.0 5.5 MEDIUM Ignored 2024-09-16 12:22:59
CentOS 8.5 ELS kernel 4.18.0 5.5 MEDIUM Ignored 2024-09-16 12:22:59
CentOS Stream 8 ELS kernel 4.18.0 5.5 MEDIUM Ignored 2024-09-16 12:22:58
CloudLinux 6 ELS kernel 2.6.32 5.5 MEDIUM Ignored 2024-09-16 12:22:59
CloudLinux 7 ELS kernel 3.10.0 5.5 MEDIUM Ignored 2024-09-16 12:22:58
Oracle Linux 6 ELS kernel 2.6.32 5.5 MEDIUM Ignored 2024-09-16 12:22:58
Total: 14