PT-2024-6947 · Linux+6 · Linux Kernel+6
Simon Arlott · Published 2024-08-22 · Updated 2025-09-29 · CVE-2024-46791
CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
The issue is a deadlock in the Linux kernel's mcp251x component. The mcp251x_hw_wake() function is called with the mcp_lock mutex held and disables the interrupt handler, which can cause a deadlock if an interrupt occurs during mcp251x_open(): the interrupt handler tries to acquire the same mutex, so waiting for it to finish never returns. The solution is to use disable_irq_nosync() instead of disable_irq(), because the interrupt handler does everything while holding the mutex.
Recommendations
To resolve the issue, update the Linux kernel to a version that includes the fix for the deadlock in the mcp251x component.
As a temporary workaround, consider modifying the mcp251x_hw_wake() function to use disable_irq_nosync() instead of disable_irq() to prevent the deadlock.
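The deadlock described above, as an added userspace model in C (not kernel code, and not taken from the advisory or the kernel project): a thread stands in for the interrupt handler and a bounded poll stands in for the wait that disable_irq() performs. The names irq_handler, handler_running, model_disable_irq and open_path_deadlocks are hypothetical.

```c
/* Userspace model of the locking pattern; constructed, not kernel code. */
#include <pthread.h>
#include <sched.h>
#include <stdatomic.h>
static pthread_mutex_t mcp_lock = PTHREAD_MUTEX_INITIALIZER;
static atomic_int handler_running; /* 1 while the modelled handler is in flight */

/* Modelled interrupt handler: it does all of its work under mcp_lock. */
static void *irq_handler(void *arg)
{
    (void)arg;
    atomic_store(&handler_running, 1);
    pthread_mutex_lock(&mcp_lock);   /* blocks while the open path owns the lock */
    pthread_mutex_unlock(&mcp_lock);
    atomic_store(&handler_running, 0);
    return NULL;
}

/* Modelled disable_irq(): the real call waits without limit for a running
 * handler; the model polls a bounded number of times and returns 1 on a hang. */
static int model_disable_irq(int nosync)
{
    if (nosync)
        return 0;                    /* disable_irq_nosync(): no waiting */
    for (long i = 0; i < 200000; i++) {
        if (!atomic_load(&handler_running))
            return 0;
        sched_yield();
    }
    return 1;
}

/* Open path with an interrupt already in flight: 1 = would deadlock. */
int open_path_deadlocks(int nosync)
{
    pthread_t t;
    int stuck;
    pthread_mutex_lock(&mcp_lock);              /* mcp251x_open() holds mcp_lock */
    if (pthread_create(&t, NULL, irq_handler, NULL) != 0) {
        pthread_mutex_unlock(&mcp_lock);
        return -1;                              /* could not start the model */
    }
    while (!atomic_load(&handler_running))
        sched_yield();                          /* let the interrupt fire first */
    stuck = model_disable_irq(nosync);          /* the call in mcp251x_hw_wake() */
    pthread_mutex_unlock(&mcp_lock);
    pthread_join(t, NULL);
    return stuck;
}
```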
Weakness Enumeration
Improper Locking
Related Identifiers
Affected Products
Alt Linux
Astra Linux
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu