CVE-2024-48876

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-48876
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-48876.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-48876
Downstream
Related
Published
2025-01-11T13:15:23Z
Modified
2025-09-23T16:38:27Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

stackdepot: fix stackdepotsave_flags() in NMI context

Per documentation, stackdepotsaveflags() was meant to be usable from NMI context if STACKDEPOTFLAGCANALLOC is unset. However, it still would try to take the poollock in an attempt to save a stack trace in the current pool (if space is available).

This could result in deadlock if an NMI is handled while pool_lock is already held. To avoid deadlock, only try to take the lock in NMI context and give up if unsuccessful.

The documentation is fixed to clearly convey this.

References

Affected packages