CVE-2024-50122

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-50122
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-50122.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-50122
Downstream
Related
Published
2024-11-05T17:10:51Z
Modified
2025-10-09T21:09:40.868315Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
PCI: Hold rescan lock while adding devices during host probe
Details

In the Linux kernel, the following vulnerability has been resolved:

PCI: Hold rescan lock while adding devices during host probe

Since adding the PCI power control code, we may end up with a race between the pwrctl platform device rescanning the bus and host controller probe functions. The latter need to take the rescan lock when adding devices or we may end up in an undefined state having two incompletely added devices and hit the following crash when trying to remove the device over sysfs:

Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000 Internal error: Oops: 0000000096000004 [#1] SMP Call trace: _pistrlen+0x14/0x150 kernfsfindns+0x80/0x13c kernfsremovebynamens+0x54/0xf0 sysfsremovebinfile+0x24/0x34 pciremoveresourcefiles+0x3c/0x84 pciremovesysfsdevfiles+0x28/0x38 pcistopbusdevice+0x8c/0xd8 pcistopbusdevice+0x40/0xd8 pcistopandremovebusdevicelocked+0x28/0x48 removestore+0x70/0xb0 devattrstore+0x20/0x38 sysfskfwrite+0x58/0x78 kernfsfopwriteiter+0xe8/0x184 vfswrite+0x2dc/0x308 ksyswrite+0x7c/0xec

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
4565d2652a37e438e4cd729e2a8dfeffe34c958c
Fixed
d4f38a0e7cc94615f63cf7765ca117e5cc2773ae
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
4565d2652a37e438e4cd729e2a8dfeffe34c958c
Fixed
1d59d474e1cb7d4fdf87dfaf96f44647f13ea590

Affected versions

v6.*

v6.10
v6.10-rc4
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.11
v6.11-rc1
v6.11-rc2
v6.11-rc3
v6.11-rc4
v6.11-rc5
v6.11-rc6
v6.11-rc7
v6.11.1
v6.11.2
v6.11.3
v6.11.4
v6.11.5
v6.12-rc1

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.11.0
Fixed
6.11.6