Linux · Linux Kernel · CVE-2024-57949
**Name of the Vulnerable Software and Affected Versions**
Linux kernel (affected versions not specified)
**Description**
The issue is a synchronization error that can be exploited to cause a denial of service. It arises from a call chain that enables interrupts inside a nested interrupt-disabled section. The flaw is in the `irqchip/gic-v3-its` component, specifically in the `its_irq_set_vcpu_affinity()` function. The call chain is `irq_set_vcpu_affinity()`, `irq_get_desc_lock()`, `raw_spin_lock_irqsave()`, `its_irq_set_vcpu_affinity()`, `guard(raw_spinlock_irq)`, and `irq_put_desc_unlock()`: `raw_spin_lock_irqsave()` disables interrupts, and `guard(raw_spinlock_irq)` re-enables them unconditionally when its scope ends, before `irq_put_desc_unlock()` runs. The issue was introduced in commit `b97e8a2f7130`, which replaced the original `raw_spin_[un]lock()` pair with `guard(raw_spinlock_irq)`.
**Recommendations**
To fix the issue, use `guard(raw_spinlock)` instead of `guard(raw_spinlock_irq)` in the `its_irq_set_vcpu_affinity()` function.
As a temporary workaround, consider disabling the `irq_set_vcpu_affinity()` function until a patch is available.
Restrict access to the `irqchip/gic-v3-its` component to minimize the risk of exploitation.
Avoid using the `its_irq_set_vcpu_affinity()` function in the affected API endpoint until the issue is resolved.
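
The nesting problem from the description and the effect of the `guard(raw_spinlock)` fix, as an added user-space C model (not kernel code and not part of the original advisory). All `sim_*` names are hypothetical, a single boolean stands in for the CPU interrupt-enable state, and the scope-exit behaviour of `guard()` is modelled with the compiler's `cleanup` attribute.

```c
/* User-space model (constructed): one simulated CPU interrupt-enable flag.
 * All sim_* names are hypothetical stand-ins, not kernel APIs. */
#include <stdbool.h>
#include <stdio.h>

static bool irqs_enabled = true;          /* simulated CPU interrupt state */

/* Outer lock, as taken via raw_spin_lock_irqsave(): save state, then disable. */
static bool sim_lock_irqsave(void) { bool f = irqs_enabled; irqs_enabled = false; return f; }
static void sim_unlock_irqrestore(bool f) { irqs_enabled = f; }

/* Scope-exit handlers modelling what each guard class does on unlock. */
static void sim_unlock_irq(int *g)   { (void)g; irqs_enabled = true; } /* unconditional enable */
static void sim_unlock_plain(int *g) { (void)g; }                      /* IRQ state untouched */

/* Inner function with guard(raw_spinlock_irq) behaviour (the regression). */
static void sim_inner_buggy(void)
{
    irqs_enabled = false;                 /* lock_irq: disable (already off here) */
    int guard __attribute__((cleanup(sim_unlock_irq))) = 0;
    (void)guard;
}                                         /* scope ends: interrupts switched on */

/* Inner function with guard(raw_spinlock) behaviour (the fix). */
static void sim_inner_fixed(void)
{
    int guard __attribute__((cleanup(sim_unlock_plain))) = 0;
    (void)guard;
}

/* Returns true if interrupts were still disabled when the outer unlock ran. */
static bool sim_outer_call(void (*inner)(void))
{
    irqs_enabled = true;
    bool flags = sim_lock_irqsave();      /* interrupts off for the outer section */
    inner();
    bool still_disabled = !irqs_enabled;  /* state seen by the outer unlock */
    sim_unlock_irqrestore(flags);
    return still_disabled;
}

int main(void)
{
    printf("guard(raw_spinlock_irq) model: disabled at outer unlock = %d\n",
           sim_outer_call(sim_inner_buggy));
    printf("guard(raw_spinlock) model:     disabled at outer unlock = %d\n",
           sim_outer_call(sim_inner_fixed));
    return 0;
}
```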