soc: fsl: qbman:获取 cgr_lock 时始终禁用中断 (CVE-2024-35806)

CVE编号

CVE-2024-35806

利用情况

暂无

补丁情况

N/A

披露时间

2024-05-17
漏洞描述
In the Linux kernel, the following vulnerability has been resolved:

soc: fsl: qbman: Always disable interrupts when taking cgr_lock

smp_call_function_single disables IRQs when executing the callback. To
prevent deadlocks, we must disable IRQs when taking cgr_lock elsewhere.
This is already done by qman_update_cgr and qman_delete_cgr; fix the
other lockers.
解决建议
建议您更新当前系统或软件至最新版,完成漏洞的修复。
参考链接
https://git.kernel.org/stable/c/0e6521b0f93ff350434ed4ae61a250907e65d397
https://git.kernel.org/stable/c/276af8efb05c8e47acf2738a5609dd72acfc703f
https://git.kernel.org/stable/c/584c2a9184a33a40fceee838f856de3cffa19be3
https://git.kernel.org/stable/c/62c3ecd2833cff0eff4a82af4082c44ca8d2518a
https://git.kernel.org/stable/c/a62168653774c36398d65846a98034436ee66d03
https://git.kernel.org/stable/c/af25c5180b2b1796342798f6c56fcfd12f5035bd
https://git.kernel.org/stable/c/b56a793f267679945d1fdb9a280013bd2d0ed7f9
https://git.kernel.org/stable/c/dd199e5b759ffe349622a4b8fbcafc51fc51b1ec
https://git.kernel.org/stable/c/e6378314bb920acb39013051fa65d8f9f8030430
受影响软件情况
# 类型 厂商 产品 版本 影响面
1
运行在以下环境
系统 debian_11 linux * Up to
(excluding)
5.10.216-1
运行在以下环境
系统 debian_12 linux * Up to
(excluding)
6.1.85-1
CVSS3评分
N/A
  • 攻击路径
    N/A
  • 攻击复杂度
    N/A
  • 权限要求
    N/A
  • 影响范围
    N/A
  • 用户交互
    N/A
  • 可用性
    N/A
  • 保密性
    N/A
  • 完整性
    N/A
N/A
CWE-ID 漏洞类型
阿里云安全产品覆盖情况