CVE-2024-46750

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.52

Description The issue is related to a missing bridge lock in the pci bus lock() function, which can cause unlocked secondary bus resets. This is identified by the cfg access lock lockdep effort. The problem arises when pci reset bus() users trigger these unlocked resets, while pci bus reset() locks everything except the bridge itself. To fix this, a pci dev lock() is added for @bus->self to pci bus lock(), similar to the fix applied to pci reset function() for "bus" and "cxl bus" reset cases.

Recommendations Update to Linux kernel version 6.6.52 or later to resolve the issue.