Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com

CVE-2024-49926

Description

In the Linux kernel, the following vulnerability has been resolved:rcu-tasks: Fix access non-existent percpu rtpcp variable in rcu_tasks_need_gpcb()For kernels built with CONFIG_FORCE_NR_CPUS=y, the nr_cpu_ids isdefined as NR_CPUS instead of the number of possible cpus, thiswill cause the following system panic:smpboot: Allowing 4 CPUs, 0 hotplug CPUs...setup_percpu: NR_CPUS:512 nr_cpumask_bits:512 nr_cpu_ids:512 nr_node_ids:1...BUG: unable to handle page fault for address: ffffffff9911c8c8Oops: 0000 [#1] PREEMPT SMP PTICPU: 0 PID: 15 Comm: rcu_tasks_trace Tainted: G W6.6.21 #1 5dc7acf91a5e8e9ac9dcfc35bee0245691283ea6RIP: 0010:rcu_tasks_need_gpcb+0x25d/0x2c0RSP: 0018:ffffa371c00a3e60 EFLAGS: 00010082CR2: ffffffff9911c8c8 CR3: 000000040fa20005 CR4: 00000000001706f0Call Trace:? __die+0x23/0x80? page_fault_oops+0xa4/0x180? exc_page_fault+0x152/0x180? asm_exc_page_fault+0x26/0x40? rcu_tasks_need_gpcb+0x25d/0x2c0? __pfx_rcu_tasks_kthread+0x40/0x40rcu_tasks_one_gp+0x69/0x180rcu_tasks_kthread+0x94/0xc0kthread+0xe8/0x140? __pfx_kthread+0x40/0x40ret_from_fork+0x34/0x80? __pfx_kthread+0x40/0x40ret_from_fork_asm+0x1b/0x80Considering that there may be holes in the CPU numbers, use themaximum possible cpu number, instead of nr_cpu_ids, for configuringenqueue and dequeue limits.[ neeraj.upadhyay: Fix htmldocs build error reported by Stephen Rothwell ]

POC

Reference

No PoCs from references.

Github

- https://github.com/fkie-cad/nvd-json-data-feeds