CVE-2024-43876— Linux kernel 安全漏洞
获取后续新漏洞提醒登录后订阅
一、 漏洞 CVE-2024-43876 基础信息
漏洞信息
对漏洞内容有疑问?看看神龙的深度分析是否有帮助!
查看神龙十问 ↗ 尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
PCI: rcar: Demote WARN() to dev_warn_ratelimited() in rcar_pcie_wakeup()
来源: 美国国家漏洞数据库 NVD
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: PCI: rcar: Demote WARN() to dev_warn_ratelimited() in rcar_pcie_wakeup() Avoid large backtrace, it is sufficient to warn the user that there has been a link problem. Either the link has failed and the system is in need of maintenance, or the link continues to work and user has been informed. The message from the warning can be looked up in the sources. This makes an actual link issue less verbose. First of all, this controller has a limitation in that the controller driver has to assist the hardware with transition to L1 link state by writing L1IATN to PMCTRL register, the L1 and L0 link state switching is not fully automatic on this controller. In case of an ASMedia ASM1062 PCIe SATA controller which does not support ASPM, on entry to suspend or during platform pm_test, the SATA controller enters D3hot state and the link enters L1 state. If the SATA controller wakes up before rcar_pcie_wakeup() was called and returns to D0, the link returns to L0 before the controller driver even started its transition to L1 link state. At this point, the SATA controller did send an PM_ENTER_L1 DLLP to the PCIe controller and the PCIe controller received it, and the PCIe controller did set PMSR PMEL1RX bit. Once rcar_pcie_wakeup() is called, if the link is already back in L0 state and PMEL1RX bit is set, the controller driver has no way to determine if it should perform the link transition to L1 state, or treat the link as if it is in L0 state. Currently the driver attempts to perform the transition to L1 link state unconditionally, which in this specific case fails with a PMSR L1FAEG poll timeout, however the link still works as it is already back in L0 state. Reduce this warning verbosity. In case the link is really broken, the rcar_pcie_config_access() would fail, otherwise it will succeed and any system with this controller and ASM1062 can suspend without generating a backtrace.
来源: 美国国家漏洞数据库 NVD
CVSS Information
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Type
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Title
Linux kernel 安全漏洞
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于 PCI 组件在处理链接问题时存在警告信息过长的问题。
来源: 中国国家信息安全漏洞库 CNNVD
CVSS Information
N/A
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Type
N/A
来源: 中国国家信息安全漏洞库 CNNVD
受影响产品
二、漏洞 CVE-2024-43876 的公开POC
| # | POC 描述 | 源链接 | 神龙链接 |
|---|
AI 生成 POC高级
未找到公开 POC。
登录以生成 AI POC三、漏洞 CVE-2024-43876 的情报信息
请登录查看更多情报信息。
同批安全公告 · Linux · 2024-08-21 · 共 69 条
| CVE-2022-48877 | Linux kernel 安全漏洞 | |
| CVE-2024-43874 | Linux kernel 安全漏洞 | |
| CVE-2024-43873 | Linux kernel 安全漏洞 | |
| CVE-2024-43875 | Linux kernel 安全漏洞 | |
| CVE-2022-48871 | Linux kernel 安全漏洞 | |
| CVE-2022-48872 | Linux kernel 安全漏洞 | |
| CVE-2022-48873 | Linux kernel 安全漏洞 | |
| CVE-2022-48874 | Linux kernel 安全漏洞 | |
| CVE-2022-48875 | Linux kernel 安全漏洞 | |
| CVE-2022-48876 | Linux kernel 安全漏洞 | |
| CVE-2022-48870 | Linux kernel 安全漏洞 | |
| CVE-2022-48878 | Linux kernel 安全漏洞 | |
| CVE-2022-48879 | Linux kernel 安全漏洞 | |
| CVE-2022-48880 | Linux kernel 安全漏洞 | |
| CVE-2022-48881 | Linux kernel 安全漏洞 | |
| CVE-2022-48882 | Linux kernel 安全漏洞 | |
| CVE-2022-48883 | Linux kernel 安全漏洞 | |
| CVE-2022-48884 | Linux kernel 安全漏洞 | |
| CVE-2022-48885 | Linux kernel 安全漏洞 | |
| CVE-2022-48886 | Linux kernel 安全漏洞 |
显示前 20 条,共 69 条。 查看全部 → →
IV. Related Vulnerabilities
V. Comments for CVE-2024-43876
暂无评论