CVE-2024-43851

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.50

Description The issue is related to the Linux kernel, where the per cpu variable cpu number1 is passed to xlnx event handler as argument dev id, but it is not used in this function. The patch drops the initialization of this variable and renames it to dummy cpu number. This fix addresses a call trace issue that occurs when the kernel option CONFIG DEBUG ATOMIC SLEEP is enabled, resulting in a "sleeping function called from invalid context" error.

Recommendations Update to Linux kernel version 6.6.50 or later to resolve the issue. As a temporary workaround, consider disabling the xlnx event handler function until a patch is available. Restrict access to the vulnerable xlnx event manager probe function to minimize the risk of exploitation.