PT-2024-36896 · Linux+6 · Linux Kernel+6

Published

2024-12-27

·

Updated

2025-05-26

·

CVE-2024-56589

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.74
Description The issue arises in the hisi sas driver when both the hardware interrupt handler and the interrupt thread are executed on the same CPU, leading to a soft lockup. This occurs when an expander is connected to 12 high-performance SAS SSDs, causing the CPU to be continuously consumed and unable to run the watchdog thread. As a result, a call trace occurs when the watchdog time exceeds the specified time.
Recommendations To resolve the issue, update to Linux kernel version 6.6.74 or later. As a temporary workaround, consider adding cond resched() to execute the watchdog thread. Restrict access to the hisi sas driver to minimize the risk of exploitation until the issue is resolved.

Exploit

Fix

Improper Locking

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-667

Related Identifiers

BDU:2025-04495
CVE-2024-56589
DLA-4075-1
DLA-4076-1
MGASA-2025-0030
MGASA-2025-0032
OESA-2025-1033
OESA-2025-1097
OPENSUSE-SU-2025_0428-1
OPENSUSE-SU-2025_0499-1
OPENSUSE-SU-2025_0557-1
SUSE-SU-2025:0289-1
SUSE-SU-2025:0428-1
SUSE-SU-2025:0499-1
SUSE-SU-2025:0557-1
SUSE-SU-2025:20165-1
SUSE-SU-2025:20166-1
SUSE-SU-2025:20248-1
SUSE-SU-2025:20249-1
SUSE-SU-2025_0428-1
SUSE-SU-2025_0499-1
SUSE-SU-2025_0557-1
USN-7379-1
USN-7379-2
USN-7380-1
USN-7381-1
USN-7382-1
USN-7387-1
USN-7387-2
USN-7387-3
USN-7388-1
USN-7389-1
USN-7390-1
USN-7407-1
USN-7421-1
USN-7449-1
USN-7449-2
USN-7450-1
USN-7451-1
USN-7452-1
USN-7453-1
USN-7458-1
USN-7459-1
USN-7459-2
USN-7468-1
USN-7523-1
USN-7524-1

Affected Products

Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu