medium
5.5
Advisory Published
Updated

CVE-2024-57939: riscv: Fix sleeping in invalid context in die()

First published: Tue Jan 21 2025(Updated: )

In the Linux kernel, the following vulnerability has been resolved: riscv: Fix sleeping in invalid context in die() die() can be called in exception handler, and therefore cannot sleep. However, die() takes spinlock_t which can sleep with PREEMPT_RT enabled. That causes the following warning: BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48 in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 285, name: mutex preempt_count: 110001, expected: 0 RCU nest depth: 0, expected: 0 CPU: 0 UID: 0 PID: 285 Comm: mutex Not tainted 6.12.0-rc7-00022-ge19049cf7d56-dirty #234 Hardware name: riscv-virtio,qemu (DT) Call Trace: dump_backtrace+0x1c/0x24 show_stack+0x2c/0x38 dump_stack_lvl+0x5a/0x72 dump_stack+0x14/0x1c __might_resched+0x130/0x13a rt_spin_lock+0x2a/0x5c die+0x24/0x112 do_trap_insn_illegal+0xa0/0xea _new_vmalloc_restore_context_a0+0xcc/0xd8 Oops - illegal instruction [#1] Switch to use raw_spinlock_t, which does not sleep even with PREEMPT_RT enabled.

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected SoftwareAffected VersionHow to fix
Linux Kernel
Linux Kernel>=4.15<5.10.234
Linux Kernel>=5.11<=5.15.177
Linux Kernel>=5.16<=6.1.125
Linux Kernel>=6.2<=6.6.72
Linux Kernel>=6.7<=6.12.10
Linux Kernel=6.13-rc1
Linux Kernel=6.13-rc2
Linux Kernel=6.13-rc3
Linux Kernel=6.13-rc4
Linux Kernel=6.13-rc5
Linux Kernel=6.13-rc6
debian/linux<=5.10.223-1<=5.10.234-1
6.1.129-1
6.1.128-1
6.12.20-1
6.12.21-1
debian/linux-6.1
6.1.129-1~deb11u1

Remedy

https://git.kernel.org/stable/c/10c24df2e303f517fab0359392c11b6b1d553f2b

Remedy

https://git.kernel.org/stable/c/6a97f4118ac07cfdc316433f385dbdc12af5025e

Remedy

https://git.kernel.org/stable/c/76ab0afcdbe8c9685b589016ee1c0e25fe596707

Remedy

https://git.kernel.org/stable/c/8c38baa03ac8e18140faf36a3b955d30cad48e74

Remedy

https://git.kernel.org/stable/c/c21df31fc2a4afc02a6e56511364e9e793ea92ec

Remedy

https://git.kernel.org/stable/c/f48f060a4b36b5e96628f6c3fb1540f1e8dedb69

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2024-57939?

    CVE-2024-57939 has been classified as a medium severity vulnerability.

  • How do I fix CVE-2024-57939?

    To fix CVE-2024-57939, ensure that you are using the latest patched version of the Linux kernel.

  • What systems are affected by CVE-2024-57939?

    CVE-2024-57939 affects systems running the Linux kernel with PREEMPT_RT enabled.

  • What is the impact of CVE-2024-57939?

    The impact of CVE-2024-57939 includes potential system instability due to sleeping in an invalid context.

  • Is CVE-2024-57939 related to kernel panic?

    Yes, CVE-2024-57939 may cause kernel panic under certain conditions due to improper handling in the exception context.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203