CVE-2024-48876

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-48876
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-48876.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-48876
Downstream
Related
Published
2025-01-11T12:25:17Z
Modified
2025-10-17T13:42:58.336252Z
Summary
stackdepot: fix stack_depot_save_flags() in NMI context
Details

In the Linux kernel, the following vulnerability has been resolved:

stackdepot: fix stackdepotsave_flags() in NMI context

Per documentation, stackdepotsaveflags() was meant to be usable from NMI context if STACKDEPOTFLAGCANALLOC is unset. However, it still would try to take the poollock in an attempt to save a stack trace in the current pool (if space is available).

This could result in deadlock if an NMI is handled while pool_lock is already held. To avoid deadlock, only try to take the lock in NMI context and give up if unsuccessful.

The documentation is fixed to clearly convey this.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
4434a56ec20925333d6cf4d4093641d063abd35b
Fixed
9bfeeeff2c92b9dd261198b601b45bde4c529841
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
4434a56ec20925333d6cf4d4093641d063abd35b
Fixed
031e04bdc834cda3b054ef6b698503b2b97e8186

Affected versions

v6.*

v6.10
v6.10-rc1
v6.10-rc2
v6.10-rc3
v6.10-rc4
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.11
v6.11-rc1
v6.11-rc2
v6.11-rc3
v6.11-rc4
v6.11-rc5
v6.11-rc6
v6.11-rc7
v6.12
v6.12-rc1
v6.12-rc2
v6.12-rc3
v6.12-rc4
v6.12-rc5
v6.12-rc6
v6.12-rc7
v6.12.1
v6.12.2
v6.12.3
v6.12.4
v6.13-rc1
v6.8
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.8.0
Fixed
6.12.5