Rapid7 Vulnerability & Exploit Database

Oracle Linux: (CVE-2024-35959) ELSA-2024-4211: kernel security and bug fix update

Free InsightVM Trial No Credit Card Necessary
2024 Attack Intel Report Latest research by Rapid7 Labs
Back to Search

Oracle Linux: (CVE-2024-35959) ELSA-2024-4211: kernel security and bug fix update

Severity
4
CVSS
(AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published
05/20/2024
Created
07/04/2024
Added
07/03/2024
Modified
07/03/2024

Description

In the Linux kernel, the following vulnerability has been resolved:

net/mlx5e: Fix mlx5e_priv_init() cleanup flow

When mlx5e_priv_init() fails, the cleanup flow calls mlx5e_selq_cleanup which

calls mlx5e_selq_apply() that assures that the `priv->state_lock` is held using

lockdep_is_held().

Acquire the state_lock in mlx5e_selq_cleanup().

Kernel log:

=============================

WARNING: suspicious RCU usage

6.8.0-rc3_net_next_841a9b5 #1 Not tainted

-----------------------------

drivers/net/ethernet/mellanox/mlx5/core/en/selq.c:124 suspicious rcu_dereference_protected() usage!

other info that might help us debug this:

rcu_scheduler_active = 2, debug_locks = 1

2 locks held by systemd-modules/293:

#0: ffffffffa05067b0 (devices_rwsem){++++}-{3:3}, at: ib_register_client+0x109/0x1b0 [ib_core]

#1: ffff8881096c65c0 (&device->client_data_rwsem){++++}-{3:3}, at: add_client_context+0x104/0x1c0 [ib_core]

stack backtrace:

CPU: 4 PID: 293 Comm: systemd-modules Not tainted 6.8.0-rc3_net_next_841a9b5 #1

Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014

Call Trace:

<TASK>

dump_stack_lvl+0x8a/0xa0

lockdep_rcu_suspicious+0x154/0x1a0

mlx5e_selq_apply+0x94/0xa0 [mlx5_core]

mlx5e_selq_cleanup+0x3a/0x60 [mlx5_core]

mlx5e_priv_init+0x2be/0x2f0 [mlx5_core]

mlx5_rdma_setup_rn+0x7c/0x1a0 [mlx5_core]

rdma_init_netdev+0x4e/0x80 [ib_core]

? mlx5_rdma_netdev_free+0x70/0x70 [mlx5_core]

ipoib_intf_init+0x64/0x550 [ib_ipoib]

ipoib_intf_alloc+0x4e/0xc0 [ib_ipoib]

ipoib_add_one+0xb0/0x360 [ib_ipoib]

add_client_context+0x112/0x1c0 [ib_core]

ib_register_client+0x166/0x1b0 [ib_core]

? 0xffffffffa0573000

ipoib_init_module+0xeb/0x1a0 [ib_ipoib]

do_one_initcall+0x61/0x250

do_init_module+0x8a/0x270

init_module_from_file+0x8b/0xd0

idempotent_init_module+0x17d/0x230

__x64_sys_finit_module+0x61/0xb0

do_syscall_64+0x71/0x140

entry_SYSCALL_64_after_hwframe+0x46/0x4e

</TASK>

Solution(s)

  • oracle-linux-upgrade-kernel

References

  • ELSA-2024-4211
  • CVE-2024-35959

insightVM

Advanced vulnerability management analytics and reporting.
Key Features
Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;