CVE-2025-23161 in Linuxinfo

Zusammenfassung

von MITRE • 01.05.2025

In the Linux kernel, the following vulnerability has been resolved:

PCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type

The access to the PCI config space via pci_ops::read and pci_ops::write is a low-level hardware access. The functions can be accessed with disabled interrupts even on PREEMPT_RT. The pci_lock is a raw_spinlock_t for this purpose.

A spinlock_t becomes a sleeping lock on PREEMPT_RT, so it cannot be acquired with disabled interrupts. The vmd_dev::cfg_lock is accessed in the same context as the pci_lock.

Make vmd_dev::cfg_lock a raw_spinlock_t type so it can be used with interrupts disabled.

This was reported as:

BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48 Call Trace: rt_spin_lock+0x4e/0x130 vmd_pci_read+0x8d/0x100 [vmd]
pci_user_read_config_byte+0x6f/0xe0 pci_read_config+0xfe/0x290 sysfs_kf_bin_read+0x68/0x90

[bigeasy: reword commit message]
Tested-off-by: Luis Claudio R. Goncalves <[email protected]> [kwilczynski: commit log]
[bhelgaas: add back report info from
https://lore.kernel.org/lkml/[email protected]/]

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Zuständig

Linux

Reservieren

11.01.2025

Veröffentlichung

01.05.2025

Moderieren

akzeptiert

Eintrag

VDB-306848

CPE

bereit

EPSS

0.00122

KEV

nein

Aktivitäten

very low

Quellen

Want to stay up to date on a daily basis?

Enable the mail alert feature now!