AZL-49813

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-49813.json

JSON Data

https://api.test.osv.dev/v1/vulns/AZL-49813

Upstream

CVE-2024-46829

Published

2024-09-27T13:15:15Z

Modified

2026-04-01T05:16:12.814914Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

CVE-2024-46829 affecting package kernel for versions less than 5.15.167.1-1

Details

In the Linux kernel, the following vulnerability has been resolved:

rtmutex: Drop rtmutex::waitlock before scheduling

rtmutexhandledeadlock() is called with rtmutex::wait_lock held. In the good case it returns with the lock held and in the deadlock case it emits a warning and goes into an endless scheduling loop with the lock held, which triggers the 'scheduling in atomic' warning.

Unlock rtmutex::waitlock in the dead lock case before issuing the warning and dropping into the schedule for ever loop.

[ tglx: Moved unlock before the WARN(), removed the pointless comment, massaged changelog, added Fixes tag ]

References

https://nvd.nist.gov/vuln/detail/CVE-2024-46829

Affected packages

Azure Linux:2 / kernel

Package

Name: kernel
Purl: pkg:rpm/azure-linux/kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.15.167.1-1

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-49813.json"