CVE-2024-27030: octeontx2-af: Use separate handlers for interrupts
First published: Wed May 01 2024(Updated: )
In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Use separate handlers for interrupts For PF to AF interrupt vector and VF to AF vector same interrupt handler is registered which is causing race condition. When two interrupts are raised to two CPUs at same time then two cores serve same event corrupting the data.
Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 416baaa9-dc9f-4396-8d5f-8c081fb06d67
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/kernel | <5.4.273 | 5.4.273 |
| redhat/kernel | <5.10.214 | 5.10.214 |
| redhat/kernel | <5.15.153 | 5.15.153 |
| redhat/kernel | <6.1.83 | 6.1.83 |
| redhat/kernel | <6.6.23 | 6.6.23 |
| redhat/kernel | <6.7.11 | 6.7.11 |
| redhat/kernel | <6.8.2 | 6.8.2 |
| redhat/kernel | <6.9 | 6.9 |
| Linux kernel | >=4.20<5.4.273 | |
| Linux kernel | >=5.5<5.10.214 | |
| Linux kernel | >=5.11<5.15.153 | |
| Linux kernel | >=5.16<6.1.83 | |
| Linux kernel | >=6.2<6.6.23 | |
| Linux kernel | >=6.7<6.7.11 | |
| Linux kernel | >=6.8<6.8.2 | |
| Debian | =10.0 | |
| debian/linux | 5.10.223-1 5.10.234-1 6.1.123-1 6.1.128-1 6.12.12-1 6.12.17-1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://git.kernel.org/stable/c/29d2550d79a8cbd31e0fbaa5c0e2a2efdc444e44
- https://git.kernel.org/stable/c/4fedae8f9eafa2ac8cdaca58e315f52a7e2a8701
- https://git.kernel.org/stable/c/50e60de381c342008c0956fd762e1c26408f372c
- https://git.kernel.org/stable/c/766c2627acb2d9d1722cce2e24837044d52d888a
- https://git.kernel.org/stable/c/772f18ded0e240cc1fa2b7020cc640e3e5c32b70
- https://git.kernel.org/stable/c/94cb17e5cf3a3c484063abc0ce4b8a2b2e8c1cb2
- https://git.kernel.org/stable/c/ad6759e233db6fcc131055f8e23b4eafbe81053c
- https://git.kernel.org/stable/c/dc29dd00705a62c77de75b6d752259b869aac49d
- https://launchpad.net/bugs/cve/CVE-2024-27030
- https://access.redhat.com/security/cve/CVE-2024-27030
- https://lore.kernel.org/linux-cve-announce/2024050110-CVE-2024-27030-d75a@gregkh/T
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2278474
- https://access.redhat.com/errata/RHSA-2024:4928
- https://access.redhat.com/errata/RHSA-2024:5067
- https://access.redhat.com/errata/RHSA-2024:5066
- https://bugzilla.redhat.com/show_bug.cgi?id=2278473
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27030
- https://nvd.nist.gov/vuln/detail/CVE-2024-27030
- https://security-tracker.debian.org/tracker/CVE-2024-27030
- https://ubuntu.com/security/CVE-2024-27030
- https://git.kernel.org/linus/50e60de381c342008c0956fd762e1c26408f372c
Frequently Asked Questions
What is the severity of CVE-2024-27030?
CVE-2024-27030 has a medium severity rating due to the race condition it introduces.
How do I fix CVE-2024-27030?
To fix CVE-2024-27030, update your Linux kernel to the fixed versions specified for your distribution.
Which versions of the Linux kernel are affected by CVE-2024-27030?
CVE-2024-27030 affects versions of the Linux kernel prior to 5.4.273, 5.10.214, 5.15.153, 6.1.83, 6.6.23, 6.7.11, 6.8.2, and 6.9.
Can CVE-2024-27030 lead to system crashes?
Yes, CVE-2024-27030 can cause system instability and potential crashes due to the race condition in interrupt handling.
Is CVE-2024-27030 exploited in the wild?
As of now, there are no known active exploits for CVE-2024-27030.
- agent/weakness
- agent/title
- agent/type
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- agent/author
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2024-27030
- agent/software-canonical-lookup
- agent/references
- collector/mitre-cve
- source/MITRE
- agent/trending
- agent/remedy
- agent/severity
- agent/last-modified-date
- agent/source
- agent/tags
- collector/usn-cve
- source/Ubuntu
- agent/description
- agent/event
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup-request
- collector/nvd-cve
- agent/softwarecombine
- collector/security-tracker-debian
- source/Debian
- package-manager/redhat
- vendor/linux
- canonical/linux kernel
- version/linux kernel/4.20
- version/linux kernel/5.5
- version/linux kernel/5.11
- version/linux kernel/5.16
- version/linux kernel/6.2
- version/linux kernel/6.7
- version/linux kernel/6.8
- vendor/debian
- canonical/debian
- version/debian/10.0
- package-manager/debian