PT-2024-26840 · Linux+7 · Linux Kernel+7

Published: 2024-04-23 · Updated: 2026-05-26 · CVE-2024-36003

CVSS v2.0: 7.5 (High)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 6.6.37

Description

A vulnerability has been resolved in the Linux kernel, specifically in the ice driver. The issue is related to a potential deadlock situation that can occur when the ice_reset_vf() function acquires the LAG mutex and then the VF configuration lock, while another function, ice_vc_cfg_qs_msg(), acquires the locks in a different order. This can lead to a circular locking dependency, causing a deadlock. The vulnerability is detected by Lockdep, a kernel feature that detects potential locking issues.

Recommendations

To resolve this issue, update the Linux kernel to version 6.6.37 or later. This version includes the fix for the deadlock situation in the ice driver. If updating the kernel is not possible, consider disabling the ice driver or restricting its use to minimize the risk of exploitation. However, these workarounds are not recommended as they may have significant performance implications. The best course of action is to update the kernel to the latest version.
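The circular locking dependency in the description can be modelled with a small lock-order graph. The following is an added example, not code from the ice driver or from Lockdep: it records which lock each path takes while holding another and reports the path that closes a cycle. The lock classes, the helper names and the reverse acquisition order used for ice_vc_cfg_qs_msg() are assumptions, the last inferred from "a different order" over two locks.

```c
#include <stdio.h>
#include <string.h>

/* Lock classes named after the two locks in the description (model only). */
enum { LAG_MUTEX, VF_CFG_LOCK, NLOCKS };
static const char *lock_name[NLOCKS] = { "LAG mutex", "VF cfg lock" };

/* order[a][b] != 0: some path acquired b while already holding a. */
static int order[NLOCKS][NLOCKS];

/* Depth-first search: is 'to' reachable from 'from' over recorded edges? */
static int reachable(int from, int to, int *seen)
{
    if (from == to) return 1;
    seen[from] = 1;
    for (int n = 0; n < NLOCKS; n++)
        if (order[from][n] && !seen[n] && reachable(n, to, seen))
            return 1;
    return 0;
}

/* Replay one path's acquisition sequence; return 1 if it closes a cycle. */
int record_path(const char *path, const int *locks, int count)
{
    int cycle = 0;
    for (int i = 1; i < count; i++)
        for (int h = 0; h < i; h++) {
            int seen[NLOCKS] = {0};
            /* Edge held->new closes a cycle if held is reachable from new. */
            if (reachable(locks[i], locks[h], seen)) {
                printf("%s: taking %s while holding %s inverts a recorded order\n",
                       path, lock_name[locks[i]], lock_name[locks[h]]);
                cycle = 1;
            }
            order[locks[h]][locks[i]] = 1;
        }
    return cycle;
}

void reset_graph(void) { memset(order, 0, sizeof order); }

int main(void)
{
    const int reset_vf[] = { LAG_MUTEX, VF_CFG_LOCK }; /* order stated above */
    const int cfg_qs[]   = { VF_CFG_LOCK, LAG_MUTEX }; /* assumed: the reverse */
    record_path("ice_reset_vf", reset_vf, 2);
    record_path("ice_vc_cfg_qs_msg", cfg_qs, 2);
    return 0;
}
```

Neither path has to block for the report to appear: the inversion is flagged as soon as both orders have been observed, which is how an ordering problem of this kind can be found before it hangs a system.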

Exploit

Fix

DoS

Improper Locking

Weakness Enumeration

Related Identifiers

ALSA-2024:5928
ALSA-2025_16880
BDU:2025-03063
CVE-2024-36003
INFSA-2024_5928
MGASA-2024-0263
MGASA-2024-0266
RHSA-2024:5928
RHSA-2024_5928
SUSE-SU-2024:2802-1
SUSE-SU-2024:2896-1
SUSE-SU-2024:2973-1
SUSE-SU-2025:20008-1
SUSE-SU-2025:20028-1
USN-6949-1
USN-6949-2
USN-6952-1
USN-6952-2
USN-6955-1

Affected Products

Almalinux
Astra Linux
Linuxmint
Linux Kernel
Red Hat
Red Os
Suse
Ubuntu