cve/rejected/2024/CVE-2024-35876.json - pub/scm/linux/security/vulns - Git at Google

 {
    "containers": {
       "cna": {
          "providerMetadata": {
             "orgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038"
          },
          "descriptions": [
             {
                "lang": "en",
                "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/mce: Make sure to grab mce_sysfs_mutex in set_bank()\n\nModifying a MCA bank's MCA_CTL bits which control which error types to\nbe reported is done over\n\n  /sys/devices/system/machinecheck/\n  ├── machinecheck0\n  │   ├── bank0\n  │   ├── bank1\n  │   ├── bank10\n  │   ├── bank11\n  ...\n\nsysfs nodes by writing the new bit mask of events to enable.\n\nWhen the write is accepted, the kernel deletes all current timers and\nreinits all banks.\n\nDoing that in parallel can lead to initializing a timer which is already\narmed and in the timer wheel, i.e., in use already:\n\n  ODEBUG: init active (active state 0) object: ffff888063a28000 object\n  type: timer_list hint: mce_timer_fn+0x0/0x240 arch/x86/kernel/cpu/mce/core.c:2642\n  WARNING: CPU: 0 PID: 8120 at lib/debugobjects.c:514\n  debug_print_object+0x1a0/0x2a0 lib/debugobjects.c:514\n\nFix that by grabbing the sysfs mutex as the rest of the MCA sysfs code\ndoes.\n\nReported by: Yue Sun <samsun1006219@gmail.com>\nReported by: xingwei lee <xrivendell7@gmail.com>"
             }
          ],
          "affected": [
             {
                "product": "Linux",
                "vendor": "Linux",
                "defaultStatus": "unaffected",
                "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
                "versions": [
                   {
                      "version": "1da177e4c3f4",
                      "lessThan": "976b1b2680fb",
                      "status": "affected",
                      "versionType": "git"
                   },
                   {
                      "version": "1da177e4c3f4",
                      "lessThan": "f5e65b782f3e",
                      "status": "affected",
                      "versionType": "git"
                   },
                   {
                      "version": "1da177e4c3f4",
                      "lessThan": "f860595512ff",
                      "status": "affected",
                      "versionType": "git"
                   },
                   {
                      "version": "1da177e4c3f4",
                      "lessThan": "20a915154ccb",
                      "status": "affected",
                      "versionType": "git"
                   },
                   {
                      "version": "1da177e4c3f4",
                      "lessThan": "5a02df3e9247",
                      "status": "affected",
                      "versionType": "git"
                   },
                   {
                      "version": "1da177e4c3f4",
                      "lessThan": "32223b0b60d5",
                      "status": "affected",
                      "versionType": "git"
                   },
                   {
                      "version": "1da177e4c3f4",
                      "lessThan": "3ddf944b32f8",
                      "status": "affected",
                      "versionType": "git"
                   }
                ]
             },
             {
                "product": "Linux",
                "vendor": "Linux",
                "defaultStatus": "affected",
                "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
                "versions": [
                   {
                      "version": "5.4.274",
                      "lessThanOrEqual": "5.4.*",
                      "status": "unaffected",
                      "versionType": "custom"
                   },
                   {
                      "version": "5.10.215",
                      "lessThanOrEqual": "5.10.*",
                      "status": "unaffected",
                      "versionType": "custom"
                   },
                   {
                      "version": "5.15.154",
                      "lessThanOrEqual": "5.15.*",
                      "status": "unaffected",
                      "versionType": "custom"
                   },
                   {
                      "version": "6.1.85",
                      "lessThanOrEqual": "6.1.*",
                      "status": "unaffected",
                      "versionType": "custom"
                   },
                   {
                      "version": "6.6.26",
                      "lessThanOrEqual": "6.6.*",
                      "status": "unaffected",
                      "versionType": "custom"
                   },
                   {
                      "version": "6.8.5",
                      "lessThanOrEqual": "6.8.*",
                      "status": "unaffected",
                      "versionType": "custom"
                   },
                   {
                      "version": "6.9",
                      "lessThanOrEqual": "*",
                      "status": "unaffected",
                      "versionType": "original_commit_for_fix"
                   }
                ]
             }
          ],
          "references": [
             {
                "url": "https://git.kernel.org/stable/c/976b1b2680fb4c01aaf05a0623288d87619a6c93"
             },
             {
                "url": "https://git.kernel.org/stable/c/f5e65b782f3e07324b9a8fa3cdaee422f057c758"
             },
             {
                "url": "https://git.kernel.org/stable/c/f860595512ff5c05a29fa4d64169c3fd1186b8cf"
             },
             {
                "url": "https://git.kernel.org/stable/c/20a915154ccb88da08986ab6c9fc4c1cf6259de2"
             },
             {
                "url": "https://git.kernel.org/stable/c/5a02df3e92470efd589712925b5c722e730276a0"
             },
             {
                "url": "https://git.kernel.org/stable/c/32223b0b60d53f49567fc501f91ca076ae96be6b"
             },
             {
                "url": "https://git.kernel.org/stable/c/3ddf944b32f88741c303f0b21459dbb3872b8bc5"
             }
          ],
          "title": "x86/mce: Make sure to grab mce_sysfs_mutex in set_bank()",
          "x_generator": {
             "engine": "bippy-d175d3acf727"
          }
       }
    },
    "cveMetadata": {
       "assignerOrgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038",
       "cveID": "CVE-2024-35876",
       "requesterUserId": "gregkh@kernel.org",
       "serial": "1",
       "state": "PUBLISHED"
    },
    "dataType": "CVE_RECORD",
    "dataVersion": "5.0"
 }
	{
	"containers": {
	"cna": {
	"providerMetadata": {
	"orgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038"
	},
	"descriptions": [
	{
	"lang": "en",
	"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/mce: Make sure to grab mce_sysfs_mutex in set_bank()\n\nModifying a MCA bank's MCA_CTL bits which control which error types to\nbe reported is done over\n\n /sys/devices/system/machinecheck/\n ├── machinecheck0\n │ ├── bank0\n │ ├── bank1\n │ ├── bank10\n │ ├── bank11\n ...\n\nsysfs nodes by writing the new bit mask of events to enable.\n\nWhen the write is accepted, the kernel deletes all current timers and\nreinits all banks.\n\nDoing that in parallel can lead to initializing a timer which is already\narmed and in the timer wheel, i.e., in use already:\n\n ODEBUG: init active (active state 0) object: ffff888063a28000 object\n type: timer_list hint: mce_timer_fn+0x0/0x240 arch/x86/kernel/cpu/mce/core.c:2642\n WARNING: CPU: 0 PID: 8120 at lib/debugobjects.c:514\n debug_print_object+0x1a0/0x2a0 lib/debugobjects.c:514\n\nFix that by grabbing the sysfs mutex as the rest of the MCA sysfs code\ndoes.\n\nReported by: Yue Sun <samsun1006219@gmail.com>\nReported by: xingwei lee <xrivendell7@gmail.com>"
	}
	],
	"affected": [
	{
	"product": "Linux",
	"vendor": "Linux",
	"defaultStatus": "unaffected",
	"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
	"versions": [
	{
	"version": "1da177e4c3f4",
	"lessThan": "976b1b2680fb",
	"status": "affected",
	"versionType": "git"
	},
	{
	"version": "1da177e4c3f4",
	"lessThan": "f5e65b782f3e",
	"status": "affected",
	"versionType": "git"
	},
	{
	"version": "1da177e4c3f4",
	"lessThan": "f860595512ff",
	"status": "affected",
	"versionType": "git"
	},
	{
	"version": "1da177e4c3f4",
	"lessThan": "20a915154ccb",
	"status": "affected",
	"versionType": "git"
	},
	{
	"version": "1da177e4c3f4",
	"lessThan": "5a02df3e9247",
	"status": "affected",
	"versionType": "git"
	},
	{
	"version": "1da177e4c3f4",
	"lessThan": "32223b0b60d5",
	"status": "affected",
	"versionType": "git"
	},
	{
	"version": "1da177e4c3f4",
	"lessThan": "3ddf944b32f8",
	"status": "affected",
	"versionType": "git"
	}
	]
	},
	{
	"product": "Linux",
	"vendor": "Linux",
	"defaultStatus": "affected",
	"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
	"versions": [
	{
	"version": "5.4.274",
	"lessThanOrEqual": "5.4.*",
	"status": "unaffected",
	"versionType": "custom"
	},
	{
	"version": "5.10.215",
	"lessThanOrEqual": "5.10.*",
	"status": "unaffected",
	"versionType": "custom"
	},
	{
	"version": "5.15.154",
	"lessThanOrEqual": "5.15.*",
	"status": "unaffected",
	"versionType": "custom"
	},
	{
	"version": "6.1.85",
	"lessThanOrEqual": "6.1.*",
	"status": "unaffected",
	"versionType": "custom"
	},
	{
	"version": "6.6.26",
	"lessThanOrEqual": "6.6.*",
	"status": "unaffected",
	"versionType": "custom"
	},
	{
	"version": "6.8.5",
	"lessThanOrEqual": "6.8.*",
	"status": "unaffected",
	"versionType": "custom"
	},
	{
	"version": "6.9",
	"lessThanOrEqual": "*",
	"status": "unaffected",
	"versionType": "original_commit_for_fix"
	}
	]
	}
	],
	"references": [
	{
	"url": "https://git.kernel.org/stable/c/976b1b2680fb4c01aaf05a0623288d87619a6c93"
	},
	{
	"url": "https://git.kernel.org/stable/c/f5e65b782f3e07324b9a8fa3cdaee422f057c758"
	},
	{
	"url": "https://git.kernel.org/stable/c/f860595512ff5c05a29fa4d64169c3fd1186b8cf"
	},
	{
	"url": "https://git.kernel.org/stable/c/20a915154ccb88da08986ab6c9fc4c1cf6259de2"
	},
	{
	"url": "https://git.kernel.org/stable/c/5a02df3e92470efd589712925b5c722e730276a0"
	},
	{
	"url": "https://git.kernel.org/stable/c/32223b0b60d53f49567fc501f91ca076ae96be6b"
	},
	{
	"url": "https://git.kernel.org/stable/c/3ddf944b32f88741c303f0b21459dbb3872b8bc5"
	}
	],
	"title": "x86/mce: Make sure to grab mce_sysfs_mutex in set_bank()",
	"x_generator": {
	"engine": "bippy-d175d3acf727"
	}
	}
	},
	"cveMetadata": {
	"assignerOrgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038",
	"cveID": "CVE-2024-35876",
	"requesterUserId": "gregkh@kernel.org",
	"serial": "1",
	"state": "PUBLISHED"
	},
	"dataType": "CVE_RECORD",
	"dataVersion": "5.0"
	}