DEBIAN-CVE-2024-35801
- Source
- https://security-tracker.debian.org/tracker/DEBIAN-CVE-2024-35801
- Import Source
- https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2024-35801.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2024-35801
- Upstream
- Published
- 2024-05-17T14:15:12Z
- Modified
- 2025-09-17T12:12:52.093152Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Keep xfdstate in sync with MSRIA32XFD Commit 672365477ae8 ("x86/fpu: Update XFD state where required") and commit 8bf26758ca96 ("x86/fpu: Add XFD state to fpstate") introduced a per CPU variable xfdstate to keep the MSRIA32XFD value cached, in order to avoid unnecessary writes to the MSR. On CPU hotplug MSRIA32XFD is reset to the initfpstate.xfd, which wipes out any stale state. But the per CPU cached xfd value is not reset, which brings them out of sync. As a consequence a subsequent xfdupdatestate() might fail to update the MSR which in turn can result in XRSTOR raising a #NM in kernel space, which crashes the kernel. To fix this, introduce xfdsetstate() to write xfdstate together with MSRIA32XFD, and use it in all places that set MSRIA32XFD.
- References
Affected packages
Debian:12 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed6.1.85-1
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:14 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source