CVE-2024-46706
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-46706
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-46706.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2024-46706
- Related
- Published
- 2024-09-13T07:15:05Z
- Modified
- 2024-09-19T18:46:02.648352Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
tty: serial: fsllpuart: mark last busy before uartaddoneport
With "earlycon initcall_debug=1 loglevel=8" in bootargs, kernel sometimes boot hang. It is because normal console still is not ready, but runtime suspend is called, so early console putchar will hang in waiting TRDE set in UARTSTAT.
The lpuart driver has auto suspend delay set to 3000ms, but during uartaddoneport, a child device serial ctrl will added and probed with its pm runtime enabled(see serialctrl.c). The runtime suspend call path is: deviceadd |-> busprobedevice |->deviceinitialprobe |->deviceattach |-> pmruntimegetsync(dev->parent); |-> pmrequestidle(dev); |-> pmruntime_put(dev->parent);
So in the end, before normal console ready, the lpuart get runtime suspended. And earlycon putchar will hang.
To address the issue, mark last busy just after pmruntimeenable, three seconds is long enough to switch from bootconsole to normal console.
- References
Affected packages
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed6.10.7-1