Bug 2294222 (CVE-2024-39292)
| Summary: | CVE-2024-39292 kernel: um: Add winch to winch_handlers before registering winch IRQ | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Avinash Hanwate <ahanwate> |
| Component: | vulnerability | Assignee: | Product Security <prodsec-ir-bot> |
| Status: | NEW --- | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | dfreiber, drow, jburrell, mbenatto, vkumar |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | kernel 4.19.316, kernel 5.4.278, kernel 5.10.219, kernel 5.15.161, kernel 6.1.93, kernel 6.6.33, kernel 6.9.4, kernel 6.10-rc1 | Doc Type: | If docs needed, set a value |
| Doc Text: |
A vulnerability was found in the Linux kernel's handling of winch IRQs. This issue involves the registration of winch IRQs before adding winch handlers to the winch_handlers list. This oversight could potentially lead to improper IRQ handling and impact system stability or security. This issue has been resolved by ensuring that winch handlers are added to the list before the IRQs are registered.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | --- | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 2294214 | ||
|
Description
Avinash Hanwate
2024-06-25 13:37:37 UTC
|