CVE-2024-38780

Published Jun 21, 2024

Last updated 4 months ago

CVSS medium 5.5

Overview

Description: In the Linux kernel, the following vulnerability has been resolved: dma-buf/sw-sync: don't enable IRQ from sync_print_obj() Since commit a6aa8fca4d79 ("dma-buf/sw-sync: Reduce irqsave/irqrestore from known context") by error replaced spin_unlock_irqrestore() with spin_unlock_irq() for both sync_debugfs_show() and sync_print_obj() despite sync_print_obj() is called from sync_debugfs_show(), lockdep complains inconsistent lock state warning. Use plain spin_{lock,unlock}() for sync_print_obj(), for sync_debugfs_show() is already using spin_{lock,unlock}_irq().
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 5.5
Impact score: 3.6
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Severity: MEDIUM

Weaknesses

nvd@nist.gov: CWE-667

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B315D019-A13E-4F3D-A112-34814763334F",
            "versionEndExcluding": "4.14"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "34445C8D-D7E6-4796-B792-C9257E89257B",
            "versionEndExcluding": "4.19.316",
            "versionStartIncluding": "4.19"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8E2371B0-4787-4038-B526-021D4CF93B31",
            "versionEndExcluding": "5.4.278",
            "versionStartIncluding": "5.4"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5311C980-4CDF-4C10-8875-F04ED0F03398",
            "versionEndExcluding": "5.10.219",
            "versionStartIncluding": "5.10"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E2AB5A01-EFFD-4A24-8CCB-4A016C8C4BB3",
            "versionEndExcluding": "5.15.161",
            "versionStartIncluding": "5.15"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7446FC33-DC4F-4D31-94B5-FB577CFA66F4",
            "versionEndExcluding": "6.1.93",
            "versionStartIncluding": "6.1"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "53BC60D9-65A5-4D8F-96C8-149F09214DBD",
            "versionEndExcluding": "6.6.33",
            "versionStartIncluding": "6.6"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A500F935-F0ED-4DC7-AD02-9D7C365D13AE",
            "versionEndExcluding": "6.9.4",
            "versionStartIncluding": "6.9"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:6.10.0:rc1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C40DD2D9-90E3-4E95-9F1A-E7C680F11F2A"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References