Linux · Linux Kernel · CVE-2024-31076
Name of the Vulnerable Software and Affected Versions:
Linux kernel (affected versions not specified)
Description:
The issue is a CPU vector leak during CPU offline in the Linux kernel. Without `IRQD_MOVE_PCNTXT`, an interrupt affinity change made via procfs does not take effect immediately. When the interrupt next triggers on the original CPU, the new affinity is enforced within `__irq_move_irq()`. A vector is allocated from the new CPU, but the old vector on the original CPU remains and is not immediately reclaimed. This leads to a CPU vector leak if the old CPU is outgoing before the interrupt triggers again on the new CPU. The `irq_force_complete_move()` function is not invoked on the outgoing CPU to reclaim the old `apicd->prev_vector` because the interrupt isn't currently affine to the outgoing CPU, and `irq_needs_fixup()` returns false.
To address this issue, the invocation of `irq_force_complete_move()` should be moved before the `irq_needs_fixup()` call, so that `apicd->prev_vector` is reclaimed if the interrupt is currently, or used to be, affine to the outgoing CPU. Additionally, the vector should be reclaimed in `__vector_schedule_cleanup()` as well, following a warning message.
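The ordering problem described above can be reproduced in a small user-space model. This is an added example, not kernel code: the struct and the functions `move_irq`, `force_complete_move`, `needs_fixup` and `leaked_after_offline` are hypothetical stand-ins for the kernel routines named in the description, with CPU 0 as the outgoing CPU.

```c
#include <stdbool.h>
#include <stdio.h>
/* Simplified model of the description above; not kernel code. One interrupt, two CPUs. */
struct irq_model {
    int cur_cpu, prev_cpu; /* current target; CPU holding the old vector (-1 = none) */
    int vectors[2];        /* vectors allocated on each CPU */
};

/* Models __irq_move_irq(): allocate on the new CPU, keep the old vector for now. */
static void move_irq(struct irq_model *m, int new_cpu)
{
    m->vectors[new_cpu]++;
    m->prev_cpu = m->cur_cpu;
    m->cur_cpu = new_cpu;
}

/* Models irq_force_complete_move(): reclaim an old vector left on the outgoing CPU. */
static void force_complete_move(struct irq_model *m, int outgoing)
{
    if (m->prev_cpu == outgoing) {
        m->vectors[outgoing]--;
        m->prev_cpu = -1;
    }
}

/* Models irq_needs_fixup(): true only while the interrupt is affine to the outgoing CPU. */
static bool needs_fixup(const struct irq_model *m, int outgoing)
{
    return m->cur_cpu == outgoing;
}

/* Takes CPU 0 offline after a move to CPU 1; returns vectors still held on CPU 0. */
int leaked_after_offline(bool fixed_order)
{
    struct irq_model m = { .cur_cpu = 0, .prev_cpu = -1, .vectors = { 1, 0 } };
    move_irq(&m, 1);
    if (fixed_order)
        force_complete_move(&m, 0); /* fix: reclaim before the fixup check */
    if (!needs_fixup(&m, 0))
        return m.vectors[0];        /* original order returns here: leak */
    if (!fixed_order)
        force_complete_move(&m, 0); /* original order: only reached on fixup */
    return m.vectors[0];
}

int main(void)
{
    printf("original order leaks %d, fixed order leaks %d\n", leaked_after_offline(false), leaked_after_offline(true));
}
```

With the original ordering the model leaves one vector allocated on the offlined CPU; with the reclaim moved ahead of the fixup check it leaves none.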
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.