FKIE_CVE-2024-46761
Vulnerability from fkie_nvd - Published: 2024-09-18 08:15 - Updated: 2026-06-17 07:55
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
pci/hotplug/pnv_php: Fix hotplug driver crash on Powernv
The hotplug driver for powerpc (pci/hotplug/pnv_php.c) causes a kernel
crash when we try to hot-unplug/disable the PCIe switch/bridge from
the PHB.
The crash occurs because although the MSI data structure has been
released during disable/hot-unplug path and it has been assigned
with NULL, still during unregistration the code was again trying to
explicitly disable the MSI which causes the NULL pointer dereference and
kernel crash.
The patch fixes the check during unregistration path to prevent invoking
pci_disable_msi/msix() since its data structure is already freed.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * |
{
"affected": [
{
"affectedData": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/pci/hotplug/pnv_php.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "4eb4085c1346d19d4a05c55246eb93e74e671048",
"status": "affected",
"version": "49f4b08e61547a5ccd2db551d994c4503efe5666",
"versionType": "git"
},
{
"lessThan": "c4c681999d385e28f84808bbf3a85ea8e982da55",
"status": "affected",
"version": "49f4b08e61547a5ccd2db551d994c4503efe5666",
"versionType": "git"
},
{
"lessThan": "bc1faed19db95abf0933b104910a3fb01b138f59",
"status": "affected",
"version": "49f4b08e61547a5ccd2db551d994c4503efe5666",
"versionType": "git"
},
{
"lessThan": "c0d8094dc740cfacf3775bbc6a1c4720459e8de4",
"status": "affected",
"version": "49f4b08e61547a5ccd2db551d994c4503efe5666",
"versionType": "git"
},
{
"lessThan": "438d522227374042b5c8798f8ce83bbe479dca4d",
"status": "affected",
"version": "49f4b08e61547a5ccd2db551d994c4503efe5666",
"versionType": "git"
},
{
"lessThan": "b82d4d5c736f4fd2ed224c35f554f50d1953d21e",
"status": "affected",
"version": "49f4b08e61547a5ccd2db551d994c4503efe5666",
"versionType": "git"
},
{
"lessThan": "bfc44075b19740d372f989f21dd03168bfda0689",
"status": "affected",
"version": "49f4b08e61547a5ccd2db551d994c4503efe5666",
"versionType": "git"
},
{
"lessThan": "335e35b748527f0c06ded9eebb65387f60647fda",
"status": "affected",
"version": "49f4b08e61547a5ccd2db551d994c4503efe5666",
"versionType": "git"
},
{
"status": "affected",
"version": "1fb738a3dc1304250c755e5e31715137c1c44c50",
"versionType": "git"
},
{
"status": "affected",
"version": "bc4c9766324a7e9fda48de58691796430c8511bf",
"versionType": "git"
},
{
"lessThan": "4.10",
"status": "affected",
"version": "4.9.14",
"versionType": "semver"
},
{
"lessThan": "4.11",
"status": "affected",
"version": "4.10.2",
"versionType": "semver"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/pci/hotplug/pnv_php.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.11"
},
{
"lessThan": "4.11",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.322",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.284",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.226",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.167",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.110",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.51",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"version": "6.10.10",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.11",
"versionType": "original_commit_for_fix"
}
]
}
],
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
],
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29162FB8-5FA4-4DC4-86CE-5EB0CAEEF2F3",
"versionEndExcluding": "4.19.322",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6265A402-9C3C-438F-BFC5-4194B2568B85",
"versionEndExcluding": "5.4.284",
"versionStartIncluding": "4.20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "864FC17C-501A-4823-A643-6F35D65D8A97",
"versionEndExcluding": "5.10.226",
"versionStartIncluding": "5.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "043405A4-25FE-45D4-A7BB-2A0C3B7D17C1",
"versionEndExcluding": "5.15.167",
"versionStartIncluding": "5.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6B1A95FC-7E7E-428B-BB59-F76640C652AE",
"versionEndExcluding": "6.1.110",
"versionStartIncluding": "5.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E4529134-BAC4-4776-840B-304009E181A0",
"versionEndExcluding": "6.6.51",
"versionStartIncluding": "6.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ACDEE48C-137A-4731-90D0-A675865E1BED",
"versionEndExcluding": "6.10.10",
"versionStartIncluding": "6.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\npci/hotplug/pnv_php: Fix hotplug driver crash on Powernv\n\nThe hotplug driver for powerpc (pci/hotplug/pnv_php.c) causes a kernel\ncrash when we try to hot-unplug/disable the PCIe switch/bridge from\nthe PHB.\n\nThe crash occurs because although the MSI data structure has been\nreleased during disable/hot-unplug path and it has been assigned\nwith NULL, still during unregistration the code was again trying to\nexplicitly disable the MSI which causes the NULL pointer dereference and\nkernel crash.\n\nThe patch fixes the check during unregistration path to prevent invoking\npci_disable_msi/msix() since its data structure is already freed."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: pci/hotplug/pnv_php: Se soluciona el fallo del controlador hotplug en Powernv El controlador hotplug para powerpc (pci/hotplug/pnv_php.c) provoca un fallo del kernel cuando intentamos desconectar/deshabilitar en caliente el conmutador/puente PCIe del PHB. El fallo se produce porque, aunque la estructura de datos MSI se ha liberado durante la ruta de deshabilitaci\u00f3n/desconexi\u00f3n en caliente y se le ha asignado NULL, a\u00fan durante la anulaci\u00f3n del registro el c\u00f3digo estaba intentando de nuevo deshabilitar expl\u00edcitamente el MSI, lo que provoca la desreferencia del puntero NULL y el fallo del kernel. El parche corrige la comprobaci\u00f3n durante la ruta de anulaci\u00f3n del registro para evitar invocar pci_disable_msi/msix() ya que su estructura de datos ya est\u00e1 liberada."
}
],
"id": "CVE-2024-46761",
"lastModified": "2026-06-17T07:55:52.727",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"ssvcV203": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"ssvcData": {
"id": "CVE-2024-46761",
"options": [
{
"exploitation": "none"
},
{
"automatable": "no"
},
{
"technicalImpact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-29T14:43:48.967345Z",
"version": "2.0.3"
}
}
]
},
"published": "2024-09-18T08:15:04.517",
"references": [
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/335e35b748527f0c06ded9eebb65387f60647fda"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/438d522227374042b5c8798f8ce83bbe479dca4d"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/4eb4085c1346d19d4a05c55246eb93e74e671048"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/b82d4d5c736f4fd2ed224c35f554f50d1953d21e"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/bc1faed19db95abf0933b104910a3fb01b138f59"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/bfc44075b19740d372f989f21dd03168bfda0689"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/c0d8094dc740cfacf3775bbc6a1c4720459e8de4"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/c4c681999d385e28f84808bbf3a85ea8e982da55"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
}
],
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…