CVE-2024-35806

soc: fsl: qbman: Always disable interrupts when taking cgr_lock

Description

In the Linux kernel, the following vulnerability has been resolved: soc: fsl: qbman: Always disable interrupts when taking cgr_lock smp_call_function_single disables IRQs when executing the callback. To prevent deadlocks, we must disable IRQs when taking cgr_lock elsewhere. This is already done by qman_update_cgr and qman_delete_cgr; fix the other lockers.

Category

5.5
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.03%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/b56a793f267679945d1fdb9a280013bd2d0ed7f9 patch
https://git.kernel.org/stable/c/62c3ecd2833cff0eff4a82af4082c44ca8d2518a patch
https://git.kernel.org/stable/c/dd199e5b759ffe349622a4b8fbcafc51fc51b1ec patch
https://git.kernel.org/stable/c/e6378314bb920acb39013051fa65d8f9f8030430 patch
https://git.kernel.org/stable/c/a62168653774c36398d65846a98034436ee66d03 patch
https://git.kernel.org/stable/c/0e6521b0f93ff350434ed4ae61a250907e65d397 patch
https://git.kernel.org/stable/c/276af8efb05c8e47acf2738a5609dd72acfc703f patch
https://git.kernel.org/stable/c/af25c5180b2b1796342798f6c56fcfd12f5035bd patch
https://git.kernel.org/stable/c/584c2a9184a33a40fceee838f856de3cffa19be3 patch
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html mailing list
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html mailing list

Frequently Asked Questions

What is the severity of CVE-2024-35806?
CVE-2024-35806 has been scored as a medium severity vulnerability.
How to fix CVE-2024-35806?
To fix CVE-2024-35806, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-35806 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2024-35806 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-35806?
CVE-2024-35806 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.