2314652 – (CVE-2024-45817) CVE-2024-45817 xen: Deadlock in vlapic_error()

Bug 2314652 (CVE-2024-45817) - CVE-2024-45817 xen: Deadlock in vlapic_error()

Summary: CVE-2024-45817 xen: Deadlock in vlapic_error()

Keywords:
Status:	NEW
Alias:	CVE-2024-45817
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Product Security DevOps Team
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2314782
Blocks:
TreeView+	depends on / blocked

Reported:	2024-09-25 11:20 UTC by OSIDB Bzimport
Modified:	2024-09-25 20:35 UTC (History)
CC List:	0 users
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2024-09-25 11:20:35 UTC

In x86's APIC (Advanced Programmable Interrupt Controller) architecture,
error conditions are reported in a status register.  Furthermore, the OS
can opt to receive an interrupt when a new error occurs.

It is possible to configure the error interrupt with an illegal vector,
which generates an error when an error interrupt is raised.

This case causes Xen to recurse through vlapic_error().  The recursion
itself is bounded; errors accumulate in the the status register and only
generate an interrupt when a new status bit becomes set.

However, the lock protecting this state in Xen will try to be taken
recursively, and deadlock.

Note You need to log in before you can comment on or make changes to this bug.