medium
5.5
CWE
667
EPSS
0.044%
Advisory Published
CVE Published
Updated

CVE-2024-35806: soc: fsl: qbman: Always disable interrupts when taking cgr_lock

First published: Fri May 17 2024(Updated: )

In the Linux kernel, the following vulnerability has been resolved: soc: fsl: qbman: Always disable interrupts when taking cgr_lock smp_call_function_single disables IRQs when executing the callback. To prevent deadlocks, we must disable IRQs when taking cgr_lock elsewhere. This is already done by qman_update_cgr and qman_delete_cgr; fix the other lockers.

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected SoftwareAffected VersionHow to fix
Linux kernel>=4.9.92<4.10
Linux kernel>=4.14.32<4.15
Linux kernel>=4.15.15<4.19.312
Linux kernel>=4.20<5.4.274
Linux kernel>=5.5<5.10.215
Linux kernel>=5.11<5.15.154
Linux kernel>=5.16<6.1.84
Linux kernel>=6.2<6.6.24
Linux kernel>=6.7<6.7.12
Linux kernel>=6.8<6.8.3
Debian=10.0
debian/linux
5.10.223-1
5.10.234-1
6.1.123-1
6.1.128-1
6.12.12-1
6.12.16-1

Remedy

https://git.kernel.org/stable/c/0e6521b0f93ff350434ed4ae61a250907e65d397

Remedy

https://git.kernel.org/stable/c/276af8efb05c8e47acf2738a5609dd72acfc703f

Remedy

https://git.kernel.org/stable/c/584c2a9184a33a40fceee838f856de3cffa19be3

Remedy

https://git.kernel.org/stable/c/62c3ecd2833cff0eff4a82af4082c44ca8d2518a

Remedy

https://git.kernel.org/stable/c/a62168653774c36398d65846a98034436ee66d03

Remedy

https://git.kernel.org/stable/c/af25c5180b2b1796342798f6c56fcfd12f5035bd

Remedy

https://git.kernel.org/stable/c/b56a793f267679945d1fdb9a280013bd2d0ed7f9

Remedy

https://git.kernel.org/stable/c/dd199e5b759ffe349622a4b8fbcafc51fc51b1ec

Remedy

https://git.kernel.org/stable/c/e6378314bb920acb39013051fa65d8f9f8030430

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2024-35806?

    CVE-2024-35806 is classified as a critical vulnerability in the Linux kernel.

  • How do I fix CVE-2024-35806?

    To fix CVE-2024-35806, update the Linux kernel to a patched version such as 5.10.223-1 or later.

  • Which versions of Linux kernel are affected by CVE-2024-35806?

    CVE-2024-35806 affects multiple versions of the Linux kernel ranging from 4.9.92 to 6.8.3.

  • What are the consequences of not addressing CVE-2024-35806?

    Failing to address CVE-2024-35806 may lead to potential deadlocks that can disrupt system stability and performance.

  • Who is affected by CVE-2024-35806?

    Users and organizations running vulnerable versions of the Linux kernel are at risk from CVE-2024-35806.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203