PT-2024-28077 · Linux+5 · Linux Kernel+5

Erhard Furtner

·

Published

2024-05-08

·

Updated

2025-09-29

·

CVE-2024-38597

CVSS v2.0

7.5

High

VectorAV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The issue is related to the gem poll controller() function, which disables interrupts and may cause the system to sleep. However, sleeping is not allowed in netpoll, as it has interrupts disabled completely. The gem poll controller() function does not poll completions and instead acts as if an interrupt has fired, scheduling NAPI and exiting. This behavior has been unnecessary for years since netpoll invokes NAPI directly. The vulnerability has been resolved by removing the .ndo poll controller to avoid deadlocks.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Locking

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-833CWE-667

Related Identifiers

ALSA-2025_16880
ALT-PU-2024-11524
ALT-PU-2024-13979
ALT-PU-2024-14046
ALT-PU-2024-17597
BDU:2025-03042
CVE-2024-38597
DSA-5730-1
MGASA-2024-0263
MGASA-2024-0266
OESA-2024-2028
OESA-2024-2029
OESA-2024-2030
OESA-2024-2031
OESA-2024-2076
OPENSUSE-SU-2024_2372-1
OPENSUSE-SU-2024_2394-1
SUSE-SU-2024:2360-1
SUSE-SU-2024:2372-1
SUSE-SU-2024:2381-1
SUSE-SU-2024:2394-1
SUSE-SU-2024:2561-1
SUSE-SU-2024:2571-1
SUSE-SU-2024:2896-1
SUSE-SU-2024:2939-1
SUSE-SU-2024:2973-1
SUSE-SU-2025:20008-1
SUSE-SU-2025:20028-1
USN-6949-1
USN-6949-2
USN-6952-1
USN-6952-2
USN-6955-1
USN-7007-1
USN-7007-2
USN-7007-3
USN-7009-1
USN-7009-2
USN-7019-1
USN-7173-1
USN-7173-2
USN-7173-3
USN-7195-1
USN-7195-2
USN-7233-1
USN-7233-2
USN-7233-3
USN-7262-1
USN-7262-2
USN-7413-1

Affected Products

Alt Linux
Astra Linux
Linuxmint
Linux Kernel
Suse
Ubuntu