CVE-2024-56760
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-56760
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-56760.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-56760
- Related
- Published
- 2025-01-06T17:15:41Z
- Modified
- 2025-01-16T05:45:32.152934Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
PCI/MSI: Handle lack of irqdomain gracefully
Alexandre observed a warning emitted from pcimsisetupmsiirqs() on a RISCV platform which does not provide PCI/MSI support:
WARNING: CPU: 1 PID: 1 at drivers/pci/msi/msi.h:121 pcimsisetupmsiirqs+0x2c/0x32 _pcienablemsixrange+0x30c/0x596 pcimsisetupmsiirqs+0x2c/0x32 pciallocirqvectorsaffinity+0xb8/0xe2
RISCV uses hierarchical interrupt domains and correctly does not implement the legacy fallback. The warning triggers from the legacy fallback stub.
That warning is bogus as the PCI/MSI layer knows whether a PCI/MSI parent domain is associated with the device or not. There is a check for MSI-X, which has a legacy assumption. But that legacy fallback assumption is only valid when legacy support is enabled, but otherwise the check should simply return -ENOTSUPP.
Loongarch tripped over the same problem and blindly enabled legacy support without implementing the legacy fallbacks. There are weak implementations which return an error, so the problem was papered over.
Correct pcimsidomain_supports() to evaluate the legacy mode and add the missing supported check into the MSI enable path to complete it.
- References
Affected packages
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed6.12.8-1