CVE-2024-41036— net: ks8851: Fix deadlock with the SPI chip variant
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2024-41036
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
net: ks8851: Fix deadlock with the SPI chip variant
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: net: ks8851: Fix deadlock with the SPI chip variant When SMP is enabled and spinlocks are actually functional then there is a deadlock with the 'statelock' spinlock between ks8851_start_xmit_spi and ks8851_irq: watchdog: BUG: soft lockup - CPU#0 stuck for 27s! call trace: queued_spin_lock_slowpath+0x100/0x284 do_raw_spin_lock+0x34/0x44 ks8851_start_xmit_spi+0x30/0xb8 ks8851_start_xmit+0x14/0x20 netdev_start_xmit+0x40/0x6c dev_hard_start_xmit+0x6c/0xbc sch_direct_xmit+0xa4/0x22c __qdisc_run+0x138/0x3fc qdisc_run+0x24/0x3c net_tx_action+0xf8/0x130 handle_softirqs+0x1ac/0x1f0 __do_softirq+0x14/0x20 ____do_softirq+0x10/0x1c call_on_irq_stack+0x3c/0x58 do_softirq_own_stack+0x1c/0x28 __irq_exit_rcu+0x54/0x9c irq_exit_rcu+0x10/0x1c el1_interrupt+0x38/0x50 el1h_64_irq_handler+0x18/0x24 el1h_64_irq+0x64/0x68 __netif_schedule+0x6c/0x80 netif_tx_wake_queue+0x38/0x48 ks8851_irq+0xb8/0x2c8 irq_thread_fn+0x2c/0x74 irq_thread+0x10c/0x1b0 kthread+0xc8/0xd8 ret_from_fork+0x10/0x20 This issue has not been identified earlier because tests were done on a device with SMP disabled and so spinlocks were actually NOPs. Now use spin_(un)lock_bh for TX queue related locking to avoid execution of softirq work synchronously that would lead to a deadlock.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel 存在安全漏洞,该漏洞源于在SMP启用的情况下,statelock自旋锁在ks8851_start_xmit_spi和ks8851_irq之间存在死锁问题。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2024-41036
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2024-41036
请登录查看更多情报信息。
Same Patch Batch · Linux · 2024-07-29 · 121 CVEs total
| CVE-2024-41089 | drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes | |
| CVE-2024-42068 | bpf: Take return from set_memory_ro() into account with bpf_prog_lock_ro() | |
| CVE-2024-42067 | bpf: Take return from set_memory_rox() into account with bpf_jit_binary_lock_ro() | |
| CVE-2024-42066 | drm/xe: Fix potential integer overflow in page size calculation | |
| CVE-2024-42065 | drm/xe: Add a NULL check in xe_ttm_stolen_mgr_init | |
| CVE-2024-42063 | bpf: Mark bpf prog stack with kmsan_unposion_memory in interpreter mode | |
| CVE-2024-42064 | drm/amd/display: Skip pipe if the pipe idx not set properly | |
| CVE-2023-52887 | net: can: j1939: enhanced error handling for tightly received RTS messages in xtp_rx_rts_s | |
| CVE-2024-41098 | ata: libata-core: Fix null pointer dereference on error | |
| CVE-2024-41097 | usb: atm: cxacru: fix endpoint checking in cxacru_bind() | |
| CVE-2024-41096 | PCI/MSI: Fix UAF in msi_capability_init | |
| CVE-2024-41095 | drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes | |
| CVE-2024-41094 | drm/fbdev-dma: Only set smem_start is enable per module option | |
| CVE-2024-41093 | drm/amdgpu: avoid using null object of framebuffer | |
| CVE-2024-41092 | drm/i915/gt: Fix potential UAF by revoke of fence registers | |
| CVE-2024-41078 | btrfs: qgroup: fix quota root leak after quota disable failure | |
| CVE-2024-41081 | ila: block BH in ila_output() | |
| CVE-2024-41080 | io_uring: fix possible deadlock in io_register_iowq_max_workers() | |
| CVE-2024-41079 | nvmet: always initialize cqe.result | |
| CVE-2024-41076 | NFSv4: Fix memory leak in nfs4_set_security_label |
Showing top 20 of 121 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same product: Linux
- CVE-2026-43500
rxrpc: Also unshare DATA/RESPONSE packets when paged frags a - CVE-2026-43475
scsi: storvsc: Fix scheduling while atomic on PREEMPT_RT - CVE-2026-43474
fs: init flags_valid before calling vfs_fileattr_get - CVE-2026-43473
scsi: mpi3mr: Add NULL checks when resetting request and rep - CVE-2026-43472
unshare: fix unshare_fs() handling
Same vendor: Linux
- CVE-2026-43500
rxrpc: Also unshare DATA/RESPONSE packets when paged frags a - CVE-2026-43475
scsi: storvsc: Fix scheduling while atomic on PREEMPT_RT - CVE-2026-43474
fs: init flags_valid before calling vfs_fileattr_get - CVE-2026-43473
scsi: mpi3mr: Add NULL checks when resetting request and rep - CVE-2026-43472
unshare: fix unshare_fs() handling
V. Comments for CVE-2024-41036
No comments yet