CVE-2024-38553

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-38553
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-38553.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-38553
Downstream
Related
Published
2024-06-19T14:15:15Z
Modified
2025-08-09T20:01:26Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

net: fec: remove .ndopollcontroller to avoid deadlocks

There is a deadlock issue found in sungem driver, please refer to the commit ac0a230f719b ("eth: sungem: remove .ndopollcontroller to avoid deadlocks"). The root cause of the issue is that netpoll is in atomic context and disableirq() is called by .ndopollcontroller interface of sungem driver, however, disableirq() might sleep. After analyzing the implementation of fecpollcontroller(), the fec driver should have the same issue. Due to the fec driver uses NAPI for TX completions, the .ndopollcontroller is unnecessary to be implemented in the fec driver, so fecpollcontroller() can be safely removed.

References

Affected packages