CVE-2024-40980

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.9.0-rc2-rt1+ #7

Description The issue is related to the drop monitor component in the Linux kernel, which is problematic for RT kernels due to the use of spin locks as sleeping locks. This causes a splat error when the trace drop common() function is called with preemption disabled. The error occurs because spin locks are not suitable for use in atomic contexts. The trace drop common() function also disables interrupts, but this is considered a minor issue that could be easily resolved by replacing it with a local lock.

Recommendations To resolve the issue, replace the spin lock with raw spin lock in the affected versions of the Linux kernel to avoid sleeping in atomic contexts. Specifically, for Linux kernel versions prior to 6.9.0-rc2-rt1+ #7, apply the patch that replaces spin lock with raw spin lock in the drop monitor component.