CVE-2024-50138
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-50138
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-50138.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-50138
- Downstream
- Related
- Published
- 2024-11-05T17:11:01Z
- Modified
- 2025-10-17T16:33:25.279403Z
- Summary
- bpf: Use raw_spinlock_t in ringbuf
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
bpf: Use rawspinlockt in ringbuf
The function _bpfringbufreserve is invoked from a tracepoint, which disables preemption. Using spinlockt in this context can lead to a "sleep in atomic" warning in the RT variant. This issue is illustrated in the example below:
BUG: sleeping function called from invalid context at kernel/locking/spinlockrt.c:48 inatomic(): 1, irqsdisabled(): 0, nonblock: 0, pid: 556208, name: testprogs preemptcount: 1, expected: 0 RCU nest depth: 1, expected: 1 INFO: lockdep is turned off. Preemption disabled at: [<ffffd33a5c88ea44>] migrateenable+0xc0/0x39c CPU: 7 PID: 556208 Comm: testprogs Tainted: G Hardware name: Qualcomm SA8775P Ride (DT) Call trace: dumpbacktrace+0xac/0x130 showstack+0x1c/0x30 dumpstacklvl+0xac/0xe8 dumpstack+0x18/0x30 _mightresched+0x3bc/0x4fc rtspinlock+0x8c/0x1a4 _bpfringbufreserve+0xc4/0x254 bpfringbufreservedynptr+0x5c/0xdc bpfprogac3d15160d62622atestreadwrite+0x104/0x238 tracecallbpf+0x238/0x774 perfcallbpfenter.isra.0+0x104/0x194 perfsyscallenter+0x2f8/0x510 tracesysenter+0x39c/0x564 syscalltraceenter+0x220/0x3c0 doel0svc+0x138/0x1dc el0svc+0x54/0x130 el0t64synchandler+0x134/0x150 el0t64_sync+0x17c/0x180
Switch the spinlock to rawspinlockt to avoid this error.
- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/5eb34999d118e69a20dc0c6556f315fcb0a1f8d3
- https://git.kernel.org/stable/c/8b62645b09f870d70c7910e7550289d444239a46
- https://git.kernel.org/stable/c/ca30e682e5d6de44d12c4610767811c9a21d59ba
- https://git.kernel.org/stable/c/f9543375d9b150b2bcf16bb182e6b62309db0888
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced457f44363a8894135c85b7a9afd2bd8196db24abFixed5eb34999d118e69a20dc0c6556f315fcb0a1f8d3
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced457f44363a8894135c85b7a9afd2bd8196db24abFixedf9543375d9b150b2bcf16bb182e6b62309db0888
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced457f44363a8894135c85b7a9afd2bd8196db24abFixedca30e682e5d6de44d12c4610767811c9a21d59ba
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced457f44363a8894135c85b7a9afd2bd8196db24abFixed8b62645b09f870d70c7910e7550289d444239a46